[BreachExchange] Everything You Need To Know About Endpoint Protection And Why It’s Important To Your Business
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Dec 27 19:56:32 EST 2016
http://www.dabcc.com/everything-you-need-to-know-
about-endpoint-protection-and-why-its-important-to-your-business/
If you are a small business owner trying to manage all your own online and
network security, it can seem that there is a different issue to consider
every week. One of the latest concerns is mobile device protection and how
hackers and malware may be finding their way into your data and your
network through these devices.
To get started, a basic definition of endpoint security will be helpful.
Think of it as data protection security for the end-users of the system.
This includes helping to eliminate human error that can leave systems
vulnerable, but also in having a way to provide enterprise network security
from a central system. This would include all aspects of the network or
system including workstations in an office or company, servers and the
mobile devices used both internally as well as outside of the LAN (Local
Area Network) or through public Wi-Fi hotspots or other wireless
connections such as home wireless networks.
In general, most businesses will find that a good percentage of their
employees and customers access data on their system and through their
website or apps from outside of the LAN or the network. This means that
security has to be provided on these devices to provide encryption
security, firewall security and control over the device to be able to wipe
it should it be lost or stolen.
Do You Need Endpoint Protection?
The short answer to the question about needing endpoint protection is that
if you, or your employees, access your network or system through any type
of device outside of your own secure network you do need this system.
If you only ever login to the website or the cloud or use email from your
computer that is fully secured behind your system firewall, you may not
need endpoint security. As this is a very rare occurrence in any business
today, having the endpoint security system in place will be critical.
There is an increased risk as your company staff expands in number or in
the number of devices accessing the system that a hack can and will occur.
These devices, since they may not be running any antivirus software or
using VPN security (Virtual Private Network), they become the weakest link
in your security. Old operating systems or new systems that are not updated
may have significant known vulnerabilities that hackers can easily leverage
to gain access to the network through the device itself.
In addition, if the site they are logging into doesn’t use any SSL
certificates, there is no encryption of the information transmitted. This
means employee passwords and logins are readily visible and available to
hackers when employees are using unsecured or public Wi-Fi hotspots or
access points.
How to Get Started
With enterprise network security management policies in place, you can
start to implement endpoint security. You cannot do the reverse other than
to use SSL certificates and make requests of employees to keep their
devices updated or to download a specific antivirus or web based type of
firewall software.
By centralizing control with endpoint protection solutions that match these
systems to your full network security, you have a complete and
comprehensive approach to the system. Using the cyber security consultants
is a great way to complete a network scan, determine current
vulnerabilities and then complete a network security assessment.
>From this information, you can then work to create your specific policies
and protocols to address the identified security risks. This will typically
include requiring the use of a web application firewall on all devices,
including personal devices that employees may use in their job.
Other issues to include will be anti-virus software, personal email
authentication certificates, adding anti-malware protection programs and
developing specific policies with regard to registering and using personal
or company devices. Most businesses will require that all BYOD programs
allow the IT department to be able to wipe the device should it be lost or
stolen. When this is handled by a central IT command, it speeds up the
process of wiping data and virtually deactivating the device, eliminating
any concerns of hackers accessing the network from the device.
Zero-day Threats
Another important consideration for any type of endpoint security is the
ability to respond very quickly to known security issues. A zero-day
exploit occurs when a system or security vulnerability becomes known and
then an attack occur virtually with that same time period, often within
just a few hours of the detection of the issue.
While there is no way to predict zero-day attacks since it is often hackers
that determine the vulnerability and then immediately capitalize on it, it
is possible to use endpoint protection systems to help decrease the risk.
The use of the web application firewalls, network access protocols such as
two-factor authentication or multi-factor authentication and the use of
Wi-Fi protected access, also known as WPA2 for protection from any type of
attack over a wireless system will be critical.
Developing an endpoint security system is critical for your business. The
longer that the system is left without security, the greater the risk of a
data breach and a network hack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161227/9ddb4411/attachment.html>
More information about the BreachExchange
mailing list