Endpoint management is key to shrinking the threat landscape during rapid technological change.
The COVID-19 pandemic has meant nothing but opportunity for hackers seeking to exploit vulnerabilities in corporate networks.
The closure of offices has pushed millions of workers into remote settings, where many rely on unsecured Wi-Fi networks and a mix of work and personal devices that are not protected by the usual firewalls. The result? An unprecedented spike in the number of phishing, ransomware and other cyberattacks.
During the first two months of the pandemic, 90% of companies in the U.S., U.K., France and Germany saw an increase in the frequency of cyberattacks, according to a Tanium survey.
The examples aren’t hard to find. Nefarious phishing campaigns have targeted users of Microsoft Teams, a collaboration hub that’s grown in popularity with the rise of remote work. Cybercriminals have also launched attacks against pharmaceutical companies aimed at stealing proprietary vaccine research.
None of this should come as a surprise. Even before the pandemic, the ability of organizations to fend off cyberattacks was strained, as major digital-transformation investments brought countless new endpoint devices onto their networks, creating new vulnerabilities.
“Because employees are out of the office, they can’t rely on traditional protections, such as the corporate firewalls, which would otherwise block malicious traffic from unknown or unclassified websites,” says Andrew Jaquith, CISO of QOMPLX, an analytics and insurance software firm. “Instead, CISOs need to rely even more on their endpoint controls to maintain visibility and enforce web protections.”
As companies invest more in digital technology initiatives, they need to manage and protect endpoint devices more effectively and at scale. Here are five approaches companies should consider to help keep their networks secure.
Explore EM solutions
Enterprise endpoints have become a weak link in cybersecurity. About one-fourth (28%) of respondents in last year’s SANS Survey on Next-Generation Endpoint Risks and Protection reported that attackers gained access to their networks through endpoints in PCs, smartphones, tablets, printers and the ever-growing number of internet-connected devices.
“Having an endpoint security solution is by far the most important step an organization can take today for preventing systems from being compromised,” says Dan Dahlberg, director of security research for BitSight Technologies, a cybersecurity ratings company. “You need asset discovery and management to know what devices exist and what they can access in order to apply security policies to them.”
The SANS survey also showed that, while employer-owned devices like desktops and laptops are centrally managed 73% of the time, employer-owned mobile devices such as smartphones are monitored only 53% of the time.
That’s one reason why IT security professionals are increasingly implementing endpoint management (EM) solutions. These tools can help organizations secure and fortify vulnerable devices, helping IT to identify, protect, detect and respond to threats.
Endpoint devices, Dahlberg says, “are coming and going all the time, with huge security implications.” With millions of employees around the planet working remotely, a more unified approach to endpoint management is the only practical solution, he adds.
Map the entire IT environment
With increasing size and complexity of corporate networks, CIOs and CISOs need real-time endpoint visibility — a complete picture of how many devices are on the network at any given time, where they’re located, who owns and is using them and, perhaps most importantly, whether they’re adequately updated and patched.
“Companies with the best security approaches tend to have a good understanding of what normal access patterns look like and are able to flag behaviors that are outside the norm,” says Erin Edkins Ludert, a data scientist with email security firm Abnormal Security.
Most organizations aren’t there yet. It’s not that they’re ignoring the need for solutions to enable better endpoint visibility. Almost half (47%) of executives in Tanium’s survey plan to invest in such technology as people begin to return to the office in the months ahead.
One problem is that more than 9 in 10 CIOs and CISOs are making uncomfortable tradeoffs between security hygiene and operational priorities, according to a 2020 Tanium IT Resilience Gaps study. Often one or the other is shortchanged as overworked IT pros, charged with supporting distributed workforces, are short on bandwidth.