Mastering endpoint security implementation
More devices connecting to the corporate network means more security risks. Here are some of the ways to protect your business
The amount of flexibility we have in our working lives is one of the best things about the business world today for many people. Thanks to mobile devices like smartphones, tablets, and laptops, we can carry out our duties more or less anywhere with a connection to the internet. We can even have a better work-life balance, since we can choose to work the hours that suit us.
Similarly, the the Internet of Things (IoT) is bringing in a variety of small devices and sensors that can aid organisations with core aspects of their business like productivity monitoring, increased automation, and preventative maintenance.
The five essentials from your endpoint security partner
Empower your MSP business to operate efficientlyDownload now
However, each one of these endpoints represents a potential security threat to the business.
55% of vulnerable endpoints contain sensitive or confidential data, according to The Cost of Insecure Endpoints report from the Ponemon Institute. If these endpoints are stolen, lost or accessed by a malicious actor – through spyware, for example – this data is at risk. A compromised endpoint may even allow a bad actor access to the information stored on it, or information that has passed through it, and it also provides an opportunity for this kind of individual to infiltrate the corporate network itself.
IT has had to turn its attention, therefore, to putting the right endpoint and data security solutions in place, as well as network security to maintain the safety of a business’s data.
What is endpoint security?
Protecting individual user devices that connect to a corporate network, and the confidential data they hold, is a practice known as endpoint security. Usually, this is implemented through the use of a centrally managed software that communicates with client software installed on each device.
Like any other security policy, endpoint security protects against existing and emerging threats to software, although devices tend to be targeted most often by the likes of trojans, which are designed to spread the reach of botnets, or occasionally ransomware.
Given that endpoint security is often offered as part of a software package, capabilities can differ depending on the provider. Most basic suites will offer antivirus protection, anti-spyware functions, firewalls, and host intrusion prevention systems (HIPS). You might also find data loss prevention, email encryption, network access control, endpoint detection, and application whitelisting services offered as part of the package, although the way these are deployed might vary and not all of them will be discrete options.
Endpoint security implementation best practices
What configuration of endpoint security services will be most effective will depend on the business you’re in. For example, a business that operates a bring your own device (BYOD) policy, or has a large number of IoT sensors deployed across a manufacturing line, will have notably different security needs over a business that runs a single traditional office environment.
However, there are some basic principles that every business will need to follow if they hope to get the most from endpoint security.
Know the risks
When planning this kind of security strategy, it's important to know what your endpoint landscape looks like. This can include a survey of your IT estate (company-issued laptops, PCs and smartphones, for example) as well as an audit of what personal devices access corporate data and which users they belong to.
It's also important to understand what data is passing through your endpoints. This can help establish an access management policy not just by the user but by the endpoint, which can help catch security threats early through behavioural analysis.
It's also worth keeping in mind any regulations in your industry, such as GDPR, that could dictate who is able to access what data.
Deploy endpoint protection
Antivirus on the endpoint is not enough nowadays. Endpoint security needs to cover as many threats as possible, so protection software needs to offer malware protection, application whitelisting, access control and so on.
Sometimes, one endpoint protection suite isn't enough. You may find that it's better for you to add dedicated antimalware, plus a separate access control or containerisation system, plus a level of artificial intelligence or machine learning to help detect divergence in normal behaviour or unknown devices trying to connect. However, bear in mind you will also need to manage all these setups, so a single solution that fits your needs as closely as possible may be more practical.
Amid all this focus on endpoints, it's also important not to forget the network perimeter. Corporate firewalls, data encryption and segregation are all still vital components of any security strategy.
Endpoint security in 2021
Endpoint security and the way it's conducted has come under significant scrutiny over the past year, thanks largely to the global pandemic.
Working from home, although not a completely new concept, has been becoming more popular in the last few years, and the mandatory stay-at-home orders gave credence to the argument that employees don’t need to come into the office in order to work productively, as well as securely.
Indeed, despite the UK’s vaccine rollout being well underway, few employees are jumping at the chance to return to the workplace, and only a third of businesses plan on implementing a full return to the office, according to research from Forrester. Instead, what's emerging both here and around the globe is a move to a hybrid model of working, which amalgamates elements of an office-based workforce, a flexible workforce and a fully remote workforce.
One example of this is Salesforce, which has announced its employees will have the choice of three working models; flex, fully remote, or office-based in its San Francisco premises, on the condition of proof of vaccination. Prior to the pandemic, around 18% of Salesforce employees were fully remote, with the company now expecting that number to eventually sit at around 20%, with the majority of employees are expected to choose a mix of home and in office.
While this seems to suit both businesses and workers, it does raise particular endpoint security concerns. Combining remote working with in-office might prove troublesome to oversee from a security standpoint, particularly if there's no formal BYOD policy in place, or there's a blurring of the lines between what is a home device and a work device even if it's company provisioned.
IT teams will have to be mindful of what kind of devices staff are using, as well as the software they're installing – this may force some businesses to roll out fairly restrictive policies.
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download