Five Ways to Secure Your Endpoints
Endpoints are the most vulnerable components of your computing environment, and yet most organizations let their controls degrade. A recent study by Absolute Software found that 70% of breaches originated at the endpoint, and that 42% were unprotected at any given time. As endpoints grow increasingly complex - whether due to bring your own device (BYOD) work environments, or internet of things (IoT) devices touching the network - risk is increasing. Here's what Absolute found, and five ways to keep your endpoints secure.
The Security Gap
For most organizations, the security triad consists of data encryption, endpoint security tools to fend off cyber threats, and client and patch management to ensure applications are free of vulnerabilities. Looking specifically at endpoint protection, Absolute found:
Vulnerabilities have become so extensive that at least 35% of breaches originated along an endpoint. Researchers found that 19% of endpoints required at least one repair every 30 days, and that the top 20 most common applications were responsible for over 5,000 total vulnerabilities in 2018. It's no surprise, then, that global IT spend is predicted to reach $128 billion by 2020, of which endpoint security will account for a quarter.
Of course, the cost of implementing and maintaining this endpoint security isn't the only factor driving that number up. Sophos found that the average organization loses 41 days per year investigating non-issues. 80% struggle to perform thorough threat detection and response, often because they lack the necessary security expertise, or their internal teams are already bogged down with break-fixes. This leaves a lot of time for actual threats to go unnoticed - up to 13 hours for most businesses.
Pro tip: Don't let a cybersecurity event catch you off guard. Find out how much one would cost your business with our Recovery Time Calculator.
Protecting Your Employees
To combat endpoint degradation, and IT fatigue, your tech leadership needs to have a thorough understanding of what's happening on an organization-wide to device-by-device basis. This level of oversight is critical in thwarting threats, responding to suspicious events, and keeping employees secure both in and out of the office network. Here are six ways to move your company in this direction:
- Outfit employee endpoints with anti-virus software, multi-factor authentication, and automated application updates. These simple protections will go far in securing your client data.
- Delete unnecessary customer and employee data from endpoint devices. Routine data minimization is not only an industry best practice, it decreases the chances of accidental loss or corruption.
- Consider implementing Microsoft's Enterprise Mobility + Security. This suite combines Azure Active Directory, Rights Management, Intune, and Threat Analytics for cost effective, comprehensive security across devices, applications, and data. Automated behavioral analytics identify suspicious activities, before they become a problem.
- Keep your certifications and technology up to date. Ensure your company has implemented routine patches for endpoints, and that all licensing reflects the latest in compliance and regulatory standards.
- Update your security and recovery plans to reflect the latest additions / changes to your network infrastructure. This is imperative if you have added new mobile, IoT, or on-premise resources.
If you are looking to implement these changes, but don't know where to begin, consider reaching out to iCorps for a free consultation.