With all the attention on protecting company networks and data against threats from the net, the endpoint is becoming the new security blind spot. Companies need to pay closer attention to the security status of the endpoints in their ecosystem and watch what their employees are doing on their computers warns managed security vendor Securicom.
“The focus is now on newer and what are considered the more ‘important’ threats, like those that can impact the network, so endpoint security isn’t being watched. In a lot of companies, there is nobody checking how these endpoints behave when they connect to wifi, or controlling what sort of peripheral devices are being plugged into them, and if these are secure,” says Richard Broeke, an IT security specialist at Securicom.
“The assumption is that with the basics like antivirus and the like are installed, the endpoint is secure. But, when was the last time anyone checked if the software is configured correctly; or if changes have been made that make the system vulnerable?
“When endpoint security isn’t managed, companies have no idea how critical and sensitive business information is accessed, shared and manipulated on disparate computers across the organization,” Broeke adds. “Companies seem to have lost sight of the fact that every unwatched endpoint is a gateway for a host of security threats.”
There are a few endpoint security essentials that companies should have to protect assets and information from abuse by employees, malware and other risks. Effective technologies should be in place to protect and monitor assets within the IT ecosystem, and the information that is stored on them.
For instance, every endpoint should have its own firewall to protect it against threats that don’t originate from the internet, such as those spread via email or infected discs. A desktop firewall will also stop unsolicited outbound traffic from infected computers, which could lead to infections and security breaches in other computers and external programs.
There should be controls in place to prevent employees from copying sensitive information onto moveable devices. If they are authorized to store or move sensitive data on a portable device or memory stick, restrictions should be in place to protect information with encryption. Companies should also be able to get a view of the entire ecosystem, and the security status of each and every endpoint.
Instead of purchasing and maintaining various point solutions, Broeke says companies should rather consider a centrally managed, cloud based system.
“You don’t want to end up buying various point systems to tackle each issue or office separately. Appliance based security is more difficult to manage, especially if updates and configurations need to be done on individual systems,” says Broeke.
With an effective, centrally managed endpoint security solution, security updates can be routinely applied, and authentication and access rules can be enforced. It also offers the ability to limit or prevent the use of peripheral devices on company computers, as well as implement mechanisms to control which applications and business information certain levels of employees are permitted to access.
When rules are broken, company resources are abused, or security on a device is outdated, the administrator is alerted and can take action to remedy to problem. A centrally managed endpoint security system also assists with the effective, efficient and safe onboarding and decommissioning of company assets.
According to Broeke, managed, cloud-based security services, contrary to common perception, typically have a lower cost of ownership and ensure that IT security costs are predictable. Notably, this brings a holistic set of best-of-breed technologies within the reach of more modest budgets.
He adds that companies need to think beyond antivirus and perimeter security if they want to stop the endpoint from becoming a security blind spot.
“A network firewall and unmanaged antivirus software are just not going to cut it.”