Effective endpoint security has a different look in this era of cloud, BYOD, and IoT. Nagarajan Rajan, Vice President of Web Security at Barracuda, explains, “The explosion of mobile device usage and cloud-deployed SaaS solutions is creating security challenges for organizations of all sizes. Endpoint devices are consistently connected to the internet, which can expose them to threats from ransomware such as WannaCry, CryptoLocker, and other vulnerabilities.”
In light of the evolving cyber threat landscape, IT security has risen to become a top business priority. Respondents to PwC’s 21st Annual Global CEO Survey ranked cybersecurity as the most common concern among US CEOs, followed by over-regulation, terrorism and geopolitical uncertainty.
Rajan says, “Businesses and organizations are more focused than ever before on protecting their network environments by scanning endpoint devices for vulnerabilities, prior to joining their network.”
He adds that since malware often enters endpoints via infected PDFs and Office documents such as Excel spreadsheets and PowerPoint files downloaded from the internet, businesses turn to security solutions to protect their networks. They often use legacy antivirus (AV) solutions that focus on executable code/files and Dynamic Link Library (DLL) attacks on the device or downloaded to at the endpoint.
Common Endpoint Security Mistakes
Although security is a focus for businesses leaders, it’s common for managed services providers (MSPs) and value-added resellers (VARs) to discover mistakes when they begin working with a new client, whether they’re due to a lack of expertise or lack of resources to execute comprehensive endpoint protection. Rajan says the three most common endpoint security mistakes you will encounter are:
1. Endpoint security boils down to using an AV solution, which does not cover all threat vectors.
Your clients and prospects are familiar and accustomed to using AV, which detects and quarantines or removes known computer viruses. However, AV isn’t a silver bullet. Rajan says, “Endpoint protection solutions must also shield the end user and their mobile devices from multiple threat vectors such as email (e.g., spam, malware, spear phishing), web-borne threats from malware-affected websites, and external USB devices.”
Comprehensive endpoint security includes firewall protection, application profiling, intrusion prevention, web filtering, advanced threat and malware protection, antispam and network access control in addition to antivirus.
2. Businesses are unable to identify and isolate infected endpoints.
Without the right security solutions, malware can reside and operate on networks undetected for months or even years.
Your clients need greater visibility into their endpoints and any malicious activity that’s taking place there.
3. Businesses can’t prevent their organizations from further infections.
A study by international specialist insurer Hiscox found that small and medium-sized businesses (SMBs) were more likely to experience repeat cyberattacks in 2019 than in 2018, and 21 percent of larger firms experienced five or more attacks this year.
Staving off future attacks is a tall order for internal IT, responsible for all endpoints connecting to their network, regardless of whether these endpoints are managed by the company, the employee, or are the personal endpoints brought into the business by contractors or visitors.
“Because IT has little or no control over endpoints they do not manage, this can create a security hole within the network which must be mitigated through endpoint security,” Rajan says.
Furthermore, he adds, “Mobile devices require constant protection regardless of how and where they are accessing the internet from, for example, a Wi-Fi hotspot at a local coffee shop or the airport.”
Opportunities for VARs and MSPs to Help Their Clients Avoid Mistakes
By first assessing your clients’ operations and their risks, you can subsequently provide your SMB and enterprise clients with effective endpoint security solutions that can help them protect their businesses.
Rajan points out, however, “The biggest opportunity for MSPs is to not only secure endpoints for their customers but to also educate them on the importance of securing these often-exploited threat vectors. By leveraging their expertise, MSPs can better protect their customers while becoming a trusted advisor.”