Mastering endpoint security implementation

More devices connecting to the corporate network means more security risks. Here are some of the ways to protect your business.

One of the best things about the business world today is the amount of flexibility we have in our working lives. Thanks to mobile devices, from smartphones to tablets to laptops, we can work more or less anywhere with an internet connection and at hours that enable a better work-life balance.

Similarly, the Internet of Things (IoT) is introducing a number of sensors and small devices that can help organisations with everything from productivity monitoring to increased automation and preventative maintenance.

However, each of these endpoints represents a potential security threat to the business.

According to The Cost of Insecure Endpoints report from the Ponemon Institute, 55% of vulnerable endpoints contain sensitive or confidential data. If these endpoints are lost, stolen or otherwise accessed by a malicious actor, for example through spyware, this data is at risk. A compromised endpoint also exposes more than the information stored on it or passed through it: it can give such an individual an opportunity to infiltrate the corporate network itself.

Therefore, IT has had to turn its attention to implementing endpoint and data security solutions in addition to network security to ensure businesses' data remains secure.

What is endpoint security?

Endpoint security is the practice of protecting individual user devices that connect to a corporate network, as well as the confidential data they hold. Typically, this is applied through the use of centrally managed software that communicates with client software installed on each device.

Like any other security policy, endpoint security protects against existing and emerging threats to software, although devices tend to be targeted most often by the likes of trojans, which are designed to spread the reach of botnets, or occasionally ransomware.

Given that endpoint security is often offered as part of a software package, capabilities can differ depending on the provider. Most basic suites will offer antivirus protection, antispyware functions, firewalls, and host intrusion prevention systems (HIPS). You might also find data loss prevention, email encryption, network access control, endpoint detection, and application whitelisting services offered as part of the package, although the way these are deployed might vary and not all of them will be discrete options.

Endpoint security implementation best practices

Which configuration of endpoint security services is most effective will depend on the business you’re in. For example, a business that operates a bring your own device (BYOD) policy, or has a large number of IoT sensors deployed across a manufacturing line, will have notably different security needs from a business that runs a single traditional office environment.

However, there are some basic principles that every business will need to follow if they hope to get the most from endpoint security.

Know the risks

When planning this kind of security strategy, it's important to know what your endpoint landscape looks like. This can include a survey of your IT estate (company-issued laptops, PCs and smartphones, for example) as well as an audit of what personal devices access corporate data and which users they belong to.

It's also important to understand what data is passing through your endpoints. This can help establish an access management policy not just by the user but by the endpoint, which can help catch security threats early through behavioural analysis.

It's also worth keeping in mind any regulations in your industry, such as GDPR, that could dictate who is able to access what data.

Deploy endpoint protection

Antivirus on the endpoint is not enough nowadays. Endpoint security needs to cover as many threats as possible, so protection software needs to offer malware protection, application whitelisting, access control and so on.

Add layers

Sometimes, one endpoint protection suite isn't enough. You may find that it's better for you to add dedicated antimalware, plus a separate access control or containerisation system, plus a level of artificial intelligence or machine learning to help detect divergence in normal behaviour or unknown devices trying to connect. However, bear in mind you will also need to manage all these setups, so a single solution that fits your needs as closely as possible may be more practical.

Amid all this focus on endpoints, it's also important not to forget the network perimeter. Corporate firewalls, data encryption and segregation are all still vital components of any security strategy.

Endpoint security in 2021

Endpoint security and the way it is conducted came under some significant reconsideration in the last 12 months, with the main reason being the global pandemic.

Of course, it’s not the virus itself which is responsible for the review of endpoint security, but last year’s mass shift to remote working caused by government-imposed lockdown restrictions and the closure of many offices. Working from home, although not a completely new concept, has become more popular in the last few years, and the mandatory stay-at-home orders added evidence to the argument that employees don’t need to come into the office in order to work productively as well as securely.

This is why, despite the UK’s vaccine rollout being well underway, many employees are not jumping to their feet to return to the office, with a study conducted during the first national lockdown finding that less than a quarter (24%) of respondents were willing to return to the office full-time. However, the same study also found that only a third of respondents were “completely confident” that remote working security would keep them safe from cyber attacks. At the time, it was also reported that one in four employees were using a personal laptop for home working, with half of them admitting to storing work files on their personal device, raising serious concerns about the security of business information.

Although 2021 is expected to maintain a lot of the same habits as 2020, including mass remote working, IT teams may be better equipped to handle it based on the months of experience that they’ve already accumulated.

However, there are other endpoint security challenges looming on the horizon which coincide with the emergence of the post-pandemic hybrid model of working, as offices slowly reopen their doors. A recent example is Salesforce, which has announced that its employees will have the choice of three working models: flex, fully remote, or office-based, with its San Francisco premises set to reopen in mid-May, under the condition of proof of vaccination. Prior to the pandemic, around 18% of Salesforce employees were fully remote, with the company now expecting that number to eventually sit at around 20%, as the majority of employees are expected to choose a mix of home and in-office working.

Combining remote working with in-office working might prove troublesome to oversee from a security standpoint, especially if employees choose to keep their home and office devices separate instead of using BYOD, as travelling with a business laptop, especially on public transport, might also be considered risky.

IT teams will have to be mindful of what kind of devices staff are using, as well as ensure that the equipment has parallel and consistent software installed - this may force some businesses to roll out fairly restrictive policies.

This said, many companies will, for now, maintain a wholly remote working model, especially in the UK, where lockdown restrictions are still in place.
