The shift to hybrid working models has transformed the role of endpoint security in the modern enterprise. As a recent report from Gartner makes clear, remote work is now just work. 64% of employees are now able to work from home and two-fifths of them are actively doing so. "The movement to hybrid (or remote work) is a durable trend with more than 75% of knowledge workers expecting future hybrid work environments," the report concludes. "From a security perspective, this requires a total reboot of policies and tools to better mitigate risks."
This is a big deal for resellers and MSPs. IT teams charged with managing and securing a dispersed workforce face countless new points of vulnerability. Those who relied on their traditional network and perimeter-based security models are likely to find – perhaps painfully – that they no longer deliver the protection needed. That’s why channel partners need to step in to help their customers protect their endpoints, making the most of new capabilities like AI and automation to give them more oversight and control.
1. Start with Zero-Trust
Once you’re securing endpoints both inside and outside the corporate network, the classic network security architecture of perimeters and firewalls breaks down and you need a new model to replace it. Zero-trust security isn’t a technology or a set of features, but an approach that makes no assumptions about which endpoints, infrastructure, programs or processes can be trusted, and instead uses intelligence and automation to monitor and hunt for threats. When every action is checked and classified and anomalous behaviour found and blocked, you close down the chances of a compromised endpoint resulting in a serious breach.
With the right technology and services in place, MSPs and businesses can build zero-trust into their endpoint security solutions and start delivering threat detection and remediation capabilities that protect their customers from attack.
2. Layer up and get smart about security
Antivirus products and network firewalls are no longer enough. Endpoint protection involves multiple layers of security, both on the endpoint itself, in the network and running from the cloud. Endpoint protection platforms combine real-time protection and reporting with advanced detection aided by security analytics and real-time intelligence feeds. Endpoint detection and response systems monitor continually for behaviour linked to new exploits, advanced persistent threats and fileless attacks, with everything rooted in zero-trust.
The most effective of these solutions make extensive use of automation and AI, incorporating machine learning and deep learning for continuous monitoring, detection and protection in a way that neither adds to the workload of the IT team nor slows end-users down at work. They also work perfectly within managed services and solutions, giving providers the chance to offload work from their enterprise customers at the same time as strengthening their endpoint protection. What’s more, the more data MSPs can capture and analyse from a range of customers, the better equipped those automated, intelligent systems will be at detecting and warding off incoming threats.
3. Centralise through the cloud
Managing security through a central, cloud-based platform just makes sense. You can monitor endpoints whether they’re on premises or remote. You can apply policies and monitor security from one location using one set of tools. Not only can you manage security, but updates, vulnerabilities, encryption, licensing, privacy and more.
From a reseller or MSP perspective, centralising through the cloud is even more beneficial. As well as the operational efficiencies in handling everything remotely, it becomes easier to protect and manage multiple customers in less time and without hiring new staff. It also helps ensure visibility across more complex or fragmented network architectures. When threats emerge or customers have concerns, you’re in a better position to have all the relevant answers.
4. Simplify and consolidate
While a layered approach is a necessity, that doesn’t mean you want to manage a wide range of security solutions and tools from an equally wide range of providers. This makes it difficult to build up in-depth knowledge, and often results in having solutions in place that overlap, waste time and effort or potentially conflict. You also don’t want solutions that require new IT infrastructure on the premises, or add new tools and processes to learn, adopt and update.
That’s why it pays for MSPs and channel partners to work with a small set of solutions using a minimal set of tools and make the most of built-in automation and integration with existing platforms. Simplify and consolidate, and it’s easier to scale-up, optimise and deliver effective, cost-efficient solutions.
5. Partner with a specialist
MSPs need more from a security vendor. They need specialist expertise, a depth of knowledge and continuous training to help maintain a view across what can be a fast-moving threat landscape. They need solutions and services they can tailor to their customers’ needs, and technologies that evolve to match new security demands. And if that vendor can also provide integrated solutions, automation, consolidation and simplicity, it becomes easier to drive new business and deliver a great service to customers new and old.
WatchGuard EPDR brings together Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) capabilities into one easy-to-buy product for maximum security against sophisticated endpoint threats. It protects users from advanced threats, APTs, zero day malware, ransomware, phishing, rootkits, in-memory exploits and malware-less attacks, and also provides IDS, firewall, device control, and URL and content filtering capabilities. EPDR uniquely automates the prevention, detection, containment, and response actions for ultimate security that is easy to manage and deploy.
WatchGuard EPDR is managed in WatchGuard Cloud, providing a single pane of glass view into the entire WatchGuard Unified Security Platform. Offering a single, centralized interface for delivering and managing network security, advanced threat detection, MFA and endpoint security, WatchGuard Cloud delivers efficient management flows and the utmost in security visibility.
To find out more about WatchGuard and how it’s transforming security for resellers and MSPs, please visit https://www.watchguard.com/wgrd-partners/security-of-one-partner
