Endpoints are turning into biggest security nightmare for enterprises, IT News, ET CIO


By Sachin Kumar

Businesses have generally followed the model of protecting their business-critical servers from possible cyber attacks over the years. They never really envisioned regular devices such as user endpoints and operational systems as a possible avenue for such attacks. But as industries and technologies evolve, and with the digital transformation and remote work culture forced by COVID-19, it has become clear that endpoints are more favored by attackers and considered easier attack targets, yet somehow companies are still oblivious to this fact.

So, it is essential for organisations to plan their IT security strategy with an active focus on safeguarding the endpoints that are widespread. Experts suggest that as a company grows, the attack surface also grows with the increase of endpoints. For any organization, be it a small or big enterprise, one way to shut out this danger is to secure the endpoints by building strong detection and response systems.

Change in mindset warranted

Endpoints basically refer to all the devices that act as a front-end for the employees. It could be a smartphone, Wi-Fi routers, laptops or any point of access where the data resides. The culture of Bring Your Own Device (BYOD) has been a catalyst for attacks at these endpoints, and with the growing advent of remote working, securing the networks running through these devices is critical.

Endpoint security solutions make sure that the devices are secured at their entry point, and with the evolution of next-generation XDR solutions, the same protection can be extended to the network as well.

Extending the security perimeter beyond the business-critical servers is a much-needed shift that helps you thwart various forms of attacks on the organization. In fact, an IDC report in 2016 highlighted that 70% of successful breaches originate from the endpoints. “The Third Annual Study on the State of Endpoint Security Risk” has reported that new and unknown threats against organizations have seen an increase of 73% in 2019.

The JP Morgan data breach in 2014 is a prime example of how any laggard approach towards endpoint security can damage a company. Investigation reports after the breach indicated that hackers accessed data from a JP Morgan server by exploiting an employee’s personal computer, infecting the system with malware that went undetected on the device. Giants like JP Morgan spent millions on cybersecurity, but most of it was at the server end. Attackers might have observed this pattern and decided to focus on entering its system through the endpoint. The Third Annual Study on the State of Endpoint Security Risk by Ponemon Institute revealed that 68% of organisations were victims of endpoint attacks in 2019.

Observations like this drive home the point that endpoint security needs to be taken seriously, or businesses can suffer a major loss.

Varied forms of attack

Attackers breach the network in varied forms. It could be to demand ransom from companies, or businesses may be targeted to steal their intellectual property. Remote working, with its ever-changing work dynamics and geographical position, makes it hard for businesses to deploy a unified solution.

Most hackers resort to stealth techniques and zero-day and one-day exploits that are hard for the IT team within a company to detect. Sometimes, these attacks prevail owing to cheap phishing measures, wherein a person unknowingly clicks on malicious links and gives access to the hacker.

You might say that setting up virtual private networks or VPN goes a long way to ensure network protection. But it is hard to ensure that all endpoints accessed remotely are properly configured to use the VPN network set up by the company for its employees. Millions of smartphones and computing devices are sourced by various IT teams for companies around the world every year.

Hence, it is no longer viable and safe for a company to treat these devices as the low-hanging fruit of its overall security setup.

Best means to tackle the menace

Now that we have highlighted the growing need to take endpoint security seriously and fast, it is time to walk through the basic measures to adopt, which help you prevent and avoid mishaps before they reach the source destination. Most of you might say that setting up a wide net for thousands of devices can be a herculean task. But IT experts have found the issue and thankfully they have built a portfolio of endpoint protection services that every business needs to deploy pronto.

Thankfully, IT security firms have devised not one, not two, but multiple ways to prevent or detect possible intrusion into the network through remote channels.

First up, you have endpoint encryption, which ensures that all the data is secured and even if someone gets hold of it, they will need to have the encryption keys to decipher the content stored inside. This way, companies can make sure their data remains inaccessible to any third-party actors who do not have the key to unlock the data.

Companies should ensure all endpoints have Extended Detection and Response or XDR solutions installed that help the IT security teams to monitor, detect, scan and respond to any attack, anomaly and vulnerability. Businesses should also ensure they have the mechanism to isolate the network in the event of a breach.

But the risks are not limited to devices. As in the case of the breach at JP Morgan, emails have become a popular source of infiltration. So, it is imperative that businesses foolproof the email gateway software before deploying widely. They should add content filtering processes. The gateway ought to have a virus and malware blocking mechanism in place. Securing emails could go a long way in keeping the data secure.

The effectiveness of an XDR solution also relies on a robust quarantining and response mechanism being in place. IT and security teams need to be vigilant about dangerous files detected on the network and alerts generated by these systems, and quickly investigate and respond to them either by isolating the systems or by blocking and removing the threat.

By now, you would probably agree that an endpoint security strategy is very much required for any organization of any size. The last thing you want is a malware-infected email crippling the whole organization, just because you didn’t want to spend on securing all the access points.

The author is Vice President Technology, eSec Forte Technologies.




