How to protect your endpoints
With more people than ever working from home, it’s vital to ensure that laptops, mobiles and PCs are secure
Your staff may be keeping their distance during the COVID-19 pandemic, but cyber criminals aren’t. On the contrary, 2020 has seen a huge increase in cyber attacks, as workers have moved outside of the company firewall – often on laptops that lack proper protection against intrusions and malware.
Barely a day passes by without news of a security breach. The UK government's Cyber Security Breaches Survey 2020 found that almost half of businesses (46%) and a quarter of charities (26%) reported having suffered data breaches or attacks in the last 12 months.
These attacks can end up being extremely costly to businesses, too. A recent report from IBM and the Ponemon Institute found that the average cost of a data breach in 2020 is $3.86 million (£2.92 million). This is a 1.5% drop from the cost in 2019, but still a 10% rise over the last five years. IBM's report also stated that, although the average cost of a breach is roughly the same, the costs are getting smaller for prepared companies and much larger for those that aren't taking the right security precautions.
It’s no mystery how this situation came about. When the pandemic was declared, many smaller businesses found themselves suddenly forced to embrace remote working, with no time to formulate proper security policies and implement a managed transition. By now, though, your workers’ laptops, workstations and mobiles really ought to be properly locked down: if they’re not, it’s high time you took action.
The good news for SMBs is there’s a wealth of affordable solutions on the market that can be deployed in minutes. They all perform real-time malware detection and prevention services, and many also offer protection against dodgy websites, email scanning and more.
The first question is whether you want your endpoint solution to be managed locally or in the cloud. The local approach gives you maximum control, and can suit organisations where everyone’s located in the same office – but you’ll need to provide your own host system to run the central server component, and things get more complicated if your users start moving between multiple locations, or indeed working from home.
In most cases, therefore, cloud-hosted endpoint protection works best. Once you’ve set up your cloud account, you can use a secure web portal from anywhere to centrally manage all endpoint protection components, regardless of their physical location.
In order to manage your endpoints, each one will need to have a software agent installed. This can normally be downloaded from the cloud portal; for a home-based workforce, a better solution might be to email each user a download link. If you take this route, it’s a good idea to tell remote workers to expect the email and what will happen when they click on the link. In most cases, an agent takes ten to 15 minutes to install, link up to your cloud account, configure itself as per your preset security profile and immediately begin protecting the device.
Close protection detail
Whether your chosen solution is locally or cloud-hosted, there are a number of key features that should be on your shopping list. Malware protection is, of course, essential: the agent should prevent malicious software from getting onto a user’s desktop by continuously monitoring all entry points. After the initial installation, it’s also recommended to carry out a complete scan of the entire system to ensure there’s nothing nasty already hiding there. To be on the safe side, you can set up scheduled system scans to run at quiet times such as overnight, although this depends on your users leaving their computers switched on.
We recommend you choose a product that extends its protection to web activity too: this enables the agent to block access to suspicious sites before the user has a chance of exposure to malicious content. Many security products also offer category-based URL content filtering, which lets you block users from using their work laptop to access unproductive sites such as games, gambling and social media.
Agents need to be kept up to date with the latest malware signatures, so ensure that your policies are set to push them out to endpoints as soon as the vendor releases them. You also don’t want to run the risk of meddlesome users either disabling or removing the agent, so look for products that can protect their own settings with a password.
You’ve got mail
With so many people working from home in recent months, we’ve seen a big increase in phishing attacks: legitimate-looking emails containing links to websites that try to download malware or trick the user into giving away sensitive information. Endpoint solutions vary considerably in how they deal with email-borne threats, meaning it pays to research them to see which one offers the features you need. All four products on review this month have the ability to scan incoming messages for malware, strip out infected attachments and block links to malicious sites. Not all include integrated spam protection, though: some lack it entirely, while others offer it only as a chargeable add-on.
Be aware that these protections can’t ever be perfect. The tricks and tactics used by scammers are constantly evolving, and sooner or later something could slip past your endpoint solution. We recommend training your remote workers to recognise possible phishing attempts, and giving clear advice on how to handle and report them.
When it comes to protection against malware and hacker attacks, the primary focus is naturally on laptops – but smartphones and tablets aren’t immune, and these need protection too. Particularly as we move through the cycle of the pandemic, and with the promise of widespread vaccination in 2021 thanks to Pfizer and Moderna, there's a greater chance we'll be agile again – working in coffee shops, on the train into the office or between meetings while we're out and about. This means exposing more endpoints to potential threats.
Other useful features include app and device controls. These allow you to block certain types of apps from being run on remote workstations, and prevent company data from being copied to removable media.
Alerting and reporting functions are important too, warning you right away if any of your users are under attack. You should have the option to receive email alerts whenever a security event occurs, meaning you can deal with it before it can spread and cause mayhem; the management dashboard should also bring the details to your attention so you can take immediate remedial action.