Who Watches the Watchmen?
You might recognize this article’s title as an important question posed in Alan Moore’s classic graphic novel, "Watchmen." If you’re unfamiliar with the novel, this line examines what happens when heroes (the Watchmen) are left unchecked. What happens when one of them goes rogue and can’t stopped? It’s fundamentally a call for a checks and balances approach -- one that applies to various aspects of life and business.
For a tech-focused example of the need for “watchers,” consider a typical IT department’s system management tool. These tools are used by IT departments of all sizes, from small start-ups to larger early-stage firms with explosive growth. These tools are similar to a hero protecting citizens, but in this case it’s a company’s valuable data requiring protection. But what happens if the tool itself is compromised or malfunctions? Who watches the performance of the tool when the tool itself is designed to do the watching?
This is a question many businesses face when using agent-based solutions. If the agent is compromised and backdoor access is gained through the agent, then what happens to the network? Are there measures in place to mitigate the branding disaster that could follow? For some context, an agent is software that runs on a system and sends information to a central location for use by another program or service. Agentless solutions still collect the necessary data, but use the previously installed software instead of installing and maintaining software on every machine in the network.
The problem of unauthorized access or comprised agents is not simply a theoretical scenario. Recently, Panda Security and Symantec Altiris IT Management Suite (ITMS) had emergency patches released for their agent-based endpoint management software. Both clients had vulnerabilities in the agents that enabled unauthorized access to installed networks. It gave unauthorized users the ability to access system-level privileges, effectively controlling the system management tool undetected.
So what’s the solution for detecting and properly managing system management tools? Or as Alan Moore so eloquently puts it, “who watches the watchmen?”
As always, some of the responsibility falls to IT managers, but it’s a tall order when you’re entrusting the solution to perform a certain way and it misbehaves unexpectedly. It’s this unpredictability that explains why agentless technologies are gaining traction in the market.
Here’s four core benefits of an agentless cloud-based approach when applied to system management:
- Extreme flexibility because they allow management globally through simple Web browsers
- Hassle-free software distribution
- Controlled and safe software updates through patch management
- Reduced need for resources to manage or maintain an agent at various endpoints
Under an agentless model the functionality remains the same, but there is no footprint left once the assigned tasks are complete. There’s nothing installed on the endpoint, which removes access points that outside elements could use to gain control. It’s similar to another comic hero -- Batman. When there’s a need for him he appears and cleans up crime, but when the job is done he fades away into Bruce Wayne. Agentless technologies do the same thing – they get the job done when the need arises, but don’t stay longer than necessary and potentially ruin a smooth running situation.