subscribe: Daily Newsletter

 

Endpoint security must not be forgotten

0 comments

The consumerisation of IT means that companies’ intellectual property and intelligence is dispersed on users’ devices and laptops. Most users have security in the form of antivirus and anti-spyware. These have become a given.

“Not so,” says Richard Broeke, an IT security expert at Securicom, a leading managed IT security services vendor.

“Security basics like antivirus and anti-spyware have become such a ‘given’ that nobody pays attention to them anymore. When last did you see anybody calling to hire an antivirus specialist?

“IT departments are focused on other newer and more ‘important’ threats, like those which impact the network. They expect the basics to keep ticking over, so endpoint security isn’t being watched. There’s no monitoring of how these endpoints behave when they connect to WiFi, or control over what sort of peripheral devices are being plugged into them, and if these are secure. In most companies, nobody is monitoring how critical and sensitive business information is accessed, shared and manipulated on disparate endpoints.

“The basics are installed but who’s checking if the software is configured correctly or if changes have been made that make the system vulnerable? Who’s checking if updates are being applied with the required frequency?

“All the ‘old’ risks are being neglected. Yet, each and every unwatched endpoint is a hole in a company’s IT security armour,” says Broeke.

A lot of companies have lost their grip on security on IT assets. Employees have relatively-free reign to plug-in whatever peripherals they choose, and access, extract and manipulate company information at will, opening-up the network to security risks.

For instance, employees can unwittingly deposit viruses and other malicious content onto company resources by plugging-in infected peripheral devices like iPods, cameras and memory cards. Employees’ unbridled access to information on company systems poses a more sinister threat.

The growing mobile workforce poses its own problems. Just a few years ago, most employees used their computers at work, within the relatively safe confines of the network firewall. Now they’re roaming, outside the network perimeter, and connecting to it from home, airports and restaurants. This issue with this is that information – the lifeblood of any business – is vulnerable. The network, which they connect to using unsafe connections, is also vulnerable.

“Companies need to refocus on the endpoint. Effective technologies should be in place to protect and monitor assets within the IT ecosystem, and the information that is stored on them. Companies should be able to get a view of the entire ecosystem, and the security status of each and every endpoint,” says Broeke.

With an effective, centrally managed endpoint security solution, security updates can be routinely applied, and authentication and access rules can be enforced. It also offers the ability to limit or prevent the use of peripheral devices on company computers, as well as implement mechanisms to control which applications and business information certain levels of employees are permitted to access.

When rules are broken, company resources are abused, or security on a device is outdated, the administrator is alerted and can take action to remedy to problem. A centrally-managed endpoint security system also assists with the effective, efficient and safe on-boarding and decommissioning of company assets. It’s not difficult to replace a laptop, but recovering the exposed information can be a massive undertaking.

“Companies can regain control of endpoints and ensure that their intellectual property is secure with a centrally-managed endpoint security solution. From a commercial perspective, opting for an encompassing endpoint security managed service turns antivirus spend into a monthly service spend. It’s more cost-effective, and its puts companies in control of their information again because it goes beyond just antivirus,” concludes Broeke.