Why endpoint security should be your first line of defence
With the way we work changing, endpoint security is more vital than ever
Once upon a time, keeping track of devices connected to your business network was simple. Having a single desktop or laptop assigned to each employee – with only a few exceptions – made things relatively easy to manage.
But like the mythical Hydra, which grew two new heads for every one that was cut off, IT departments are now faced with the Herculean effort of keeping track of an ever-increasing profusion of devices. The average employee may be accessing company systems from a variety of laptops, smartphones and tablets, while the growing bring your own device (BYOD) trend has accelerated the use of personal hardware being used for work. Add to that the rise of IoT, and there are even more endpoints in the mix. And this is even before 2020’s coronavirus pandemic and the mass-remote-working shift it has precipitated.
In this environment, endpoint security is more important than ever. But what exactly are the risks – and what can organisations do to combat them?
A profusion of endpoints
Endpoints are the devices through which a user accesses an enterprise network. Consequently, they are also points of entry through which a malicious actor might be able to gain access to critical company data and systems. As already noted, the number of endpoints used to be far more limited, and therefore easier to monitor and protect. But advancements in technology have resulted in an increase in both the number and diversity of the devices that may be connected to your company’s systems.
The average employee is likely to have at least one smartphone or tablet connected to your network – probably without even considering the potential risks. Couple that with the ever-increasing variety of internet enabled tech such as IoT devices, not to mention the humble printer, and it’s easy to see how an IT department could quickly lose track of all these endpoints.
Understandably, endpoints have become a popular target of cyber criminals. Cyber attackers only need to get malware or another intrusion through one unsecured endpoint to gain access to your network – with potentially costly consequences for your organisation. For instance, in April 2018 a hacker was able to use a NASA employee’s Raspberry Pi to access the Jet Propulsion Lab’s network. With the NASA admins unaware of the device’s presence, the attacker was able to operate undetected for 10 months, stealing 500MB of data including information regarding the international transfer of restricted military and space technology. The threat landscape is ever-changing, with intrusions growing ever more devious and elusive.
The 2020 lockdown has only exacerbated endpoint vulnerabilities. Rather than the majority of workers accessing your systems from within the office, employees will be logging on through potentially unsecured home Wi-Fi networks. Interpol and the FBI are among the security organisations that have warned of a huge increase in cyber attacks since the emergence of COVID-19. At the same time, remote working has made it even harder to maintain oversight of the number of endpoints your IT department has to deal with. Defensive perimeters have been left more porous than ever before. An endpoint security policy is essential.
Securing your borders
There are some key steps that an IT department needs to take to ensure robust endpoint security.
The first is to identify your endpoints. To cover your vulnerabilities, you must first be aware of them. Of course, to maintain a full census of your endpoints manually among the increasing amount of devices is almost impossible for all but the smallest companies, and as NASA learned, even one left unaccounted for can result in a major breach.
Fortunately, there are systems available that allow you to run an automated inventory of your endpoints. For instance, Quest KACE Systems Management Appliance includes an inventory and IT asset management feature that allows you to discover all the software and hardware installed across your network, enabling visibility over the entire connected environment.
With full visibility over your endpoints, the next step is to secure them so that they cannot become means through which malicious actors can infiltrate your network. KACE Systems Management Appliance not only inventories your endpoints but monitors their status, allowing IT departments to identify any hardware in need of updating or further protection. Updates and patches can be executed remotely – a particularly valuable ability now that many employees are working remotely rather than in the same office. It also tracks endpoint compliance, ensuring that you can easily track software licenses and stay within agreement terms.
With techniques including device encryption, virus protection and patching, effective endpoint security can identify and halt malware and other attacks before they can penetrate any further into your systems, while ensuring that your devices maintain the highest and most up-to-date level of protection.
By maintaining the visibility and security of your endpoints, businesses are able to confront the security challenges created by our changing working practices, increasingly dispersed networks and multiplying devices. Without addressing these issues, companies are leaving themselves wide open to attack.