[BreachExchange] Why Endpoint Security is So Important for Startups

Tue Jun 19 18:53:52 EDT 2018

https://www.technology.org/2018/06/14/why-endpoint-
security-is-so-important-for-startups/

Entrepreneurs have many details to think about when launching their
startups. Unfortunately, one detail that’s often left untended to, or only
given minimal attention, is cybersecurity.

The lack of attention to cybersecurity stems from a number of reasons. For
starters, a startup’s priorities are often different than an established
business’s; they are often focused on growth and getting up and running,
with the assumption that they will deal with securityand other details
later on. Other times it’s simply a matter of a startup underestimating the
risks to their business. Despite evidence to the contrary, many small
businesses still don’t believe that they are a target of hackers. They
falsely believe that cybercriminals are more interested in larger targets
and won’t bother with their data.

And when it comes to endpoint security in particular, startups tend to fall
into one especially dangerous trap. Because most startups use the cloud and
cloud-based applications to manage their enterprise, they develop a false
sense of security about their data. After all, if nothing is actually
stored on computers, mobile devices, and other endpoints (like
multifunction printers, etc.) then there is no need to worry about
protecting them. The fact is, though, the very tools that allow
entrepreneurs to “work from anywhere” and build their businesses on their
own terms are often the same things that lead to costly data breaches and
other security breakdowns.

What Is an Endpoint, Anyway?

Before we begin the discussion as to why endpoint security needs to be a
priority for your startup, it’s useful to define an endpoint. In the
simplest terms, an endpoint is any device that is located outside of a
corporate firewall, but that connects to and sends and receives
communication over the network. Therefore, an endpoint is literally every
device that connects to your network, from the computers and smartphones
your employees use to the IoT-enabled coffeemaker in the break room that
automatically brews a pot of java at 8 a.m. each day.

Every single endpoint represents a potential entry point for a criminal to
access your network. Without the proper security measures in place, a
hacker could access, say, your wireless office printer, and steal all of
your customer data. It’s more likely that an attack will come via a laptop
or mobile device, but the fact remains that anything connected to your
corporate network needs to be protected.

Alright, So What’s Endpoint Security?

Endpoint security refers to the tactics you use to keep your endpoints safe
and avoid attacks. Usually, endpoint security is a multifaceted approach
that protects the endpoints on several levels. It’s typically focused on
keeping the bad guys out. Some of the ways to implement endpoint security
include:

User management. This means controlling who has access to your network and
devices, and how they gain access. This typically includes password
protocols, restricting administrative privileges, and usage policies,
Mobile device management is often part of this type of endpoint security.
If a device is lost or stolen, or otherwise compromised, your IT team may
have the ability to remotely lock or wipe the device to protect the network.

Encryption. Implementing encryption on endpoints is a key part of keeping
data safe. It’s not a difficult process and can keep the data stored on
corporate devices safe from prying eyes.

Antivirus and Malware. Antivirus protection is a cornerstone of endpoint
security efforts. Many users still believe that they don’t need antivirus
and malware protection on their mobile devices, but that’s simply not the
case. With increases in phishing attacks, ransomware, and other viruses
that can compromise your startups data, regularly updated antivirus
protection is key.

Updating and patching. Machines that don’t have the latest updates and
patches installed are often the most vulnerable to security breaches. A
plan to keep everything updated is part of a comprehensive security
strategy.

A Compelling Reason Why

All of this leads back to the original question: Why is endpoint security
so important to startups?

One of the greatest assets that any startup has is intellectual property.
Your ideas, business model, product plans, customer lists… everything that
you have stored on your network is valuable to your business. Should a
hacker, either as a crime of opportunity or as a deliberate attack on you,
access that IP, you stand to lose competitive advantage and income – and
potentially, your entire business. That’s not even considering the
potential financial impact that a data breach could have on your company if
customer data is exposed. Without the right endpoint protection, it’s
possible that your startup could crash before it ever gets off the ground.
So, make it a priority, and keep your data and your business safe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180619/6ef0eb45/attachment.html>