Endpoint security: How to shore up practices for a safer remote enterprise
It’s a long-held belief that enterprise IT teams are overworked. It’s also considered common knowledge that their jobs have only gotten harder in the days since workforces went remote. Unfortunately, steep consequences for network security have surfaced because of the sudden shift to the work-from-home world.
According to a recent report by Netwrix, 85% of organizations reported that they sacrificed their common security protocols to get their workforce up and running remotely. On top of this, 63% reported an increase in the frequency of cyberattacks. Another study by Micro Focus showed that approximately 45% of companies believe their increased security threats are due to the volume of unmanaged devices.
What endpoints have to do with it
In the modern cloud-based application era, securing hardware is often neglected, so the volume of unmanaged devices noted above is not surprising. Endpoint management is hard, it’s boring, it’s time-consuming — but it’s nevertheless extremely important to a robust security strategy.
Why? Bad actors know that machines aren’t getting configured and maintained at the rate at which they should. This makes them ripe for exploitation. One of the easiest ways to attack corporate networks is through a machine that is not configured correctly or that hasn’t downloaded a patch to shore up a certain vulnerability.
And once a bad actor has found its way in, it can take a very long time to figure out that a breach has occurred. According to IBM’s 2020 Cost of a Data Breach report, it took companies an average of 207 days to identify a security breach and another 73 days to contain.
Given that much of the research was conducted prior to COVID-19, most respondents indicated through supplemental surveys that these estimates were actually even higher in reality. Seventy-six percent noted that remote work made responding to a potential data breach more difficult.
Given this, basic endpoint hygiene and routine or on-demand system health checks would go a long way toward eliminating unnecessary breaches as well as identifying when and where they occur. But nothing is really this simple. Health checks can be a strain on a network on a good day. The pandemic makes performing scheduled checkups exponentially harder given bandwidth constraints.
Endpoint management: Scaling for a new world
VPNs have been under significant strain throughout the pandemic, and bandwidth is at a premium. This is part of the reason we’re seeing such rapid migration to the cloud. While there are numerous benefits to this move, it still doesn’t protect actual endpoints. To do this, regardless of environment, you need to find an endpoint management solution that can scale rapidly and not affect network performance.
This requires a novel approach to drive continuous compliance and configuration management across the enterprise. Of note, the latest peer-to-peer solutions can check the configuration of local or remote endpoints, diagnose problems, and/or remediate any issues found. Because of the nature of peer-to-peer, these solutions can conduct routine and advanced endpoint management at massive scale, addressing hundreds of thousands of endpoints without bandwidth throttling or hindering network performance.
Workers don’t even realize their systems are being updated. Being able to protect endpoints at scale without degrading the user experience or getting in the way of business processes is a game-changer in the remote world. It means that you can institute or return to a regular endpoint management schedule.
The importance of automation
This is all great, but it still doesn’t solve the crucial issue of having the people to execute effective endpoint management — especially amid the surge of security alerts. Sumo Logic’s 2020 State of SecOps and Automation report shows that 56% of large companies are receiving 1,000+ security alerts per day and that such volume makes it nearly impossible for IT security teams to address issues in a timely manner. The same report found that 75% of respondents believed they would need at least three more analysts to handle alerts the day they were received.
This is particularly significant when you consider the current skills shortage in cybersecurity. Handling cyberthreats is not something just anyone can do. Osterman Research found that nearly six in 10 organizations are worried about filling cybersecurity roles. Of the respondents, two-thirds reported seeing less than five applications for newly opened cyber roles. This leads to key positions remaining open for months.
Amid this backdrop, finding the right automated solutions is the only chance enterprises have to tackle the volume of incoming threats and fortify defenses through endpoint management.
What to look for
Any solution should be able to both find and fix as many issues as possible without requiring human intervention or manual coding. Ideally, you’d be looking for something that can tackle 70-80% of the burden.
On top of this, any solution should be able to show staff what is happening on any given endpoint at any given time, allowing IT to monitor down to the device level, and zero in to see if a bigger problem might be on the horizon. With clear notifications sent only when attention is required, the best solutions don’t waste IT staff time; they can show exactly where a trained eye needs to go.
Additionally, they make it simple to deploy a custom solution for the problem. A number of good no-code solutions are on the market today. This can be a real time saver in addition to making it easier for lower-level staff to resolve issues quickly, which they may not have been able to do on their own previously. This also can make a dent in the skills gap.
Network security will only grow more complex in the days to come. By prioritizing endpoint management with a solution that can quickly identify and remediate issues without a negative impact on the network or IT staff, enterprises will be in a much stronger position to conquer our ever-evolving work environments.