As a business grows, new tools and software are often adopted as needed. As a result, many businesses might not be fully aware of which security products are installed on which devices. Even worse, this means they won’t know which products are out of date or non-compliant.
The State of Endpoint Resilience Report by Absolute found that nearly one-in-three enterprise devices had an endpoint protection (anti-virus/anti-malware), client management programme or VPN application that was out of compliance.
The average Windows 10 enterprise device was also more than three months behind in applying the latest security patches.
What are you trying to secure?
It pays to be clear on what security products you’re using and where, as well as whether all software is patched and up to date.
This requires visibility of your security products and control over where they are deployed and how they are used. Your security policy also needs to be clearly defined and communicated to all the relevant parties. If circumstances change or new threats emerge, your policy needs to be able to adapt to match those changes.
With many employees likely to continue working from home more often after the pandemic, your business will have to defend itself against cyberattacks across a wider front. This means you’re likely dealing with more systems, more devices and more ways of delivering IT through on-premise and cloud.
Are all employee devices accounted for in the current security policy? If not, this is the time to ensure they are. You need to match security policies more closely with your changed business model. Can your current security products protect them – and your business?
An effective security policy starts with a security assessment – which requires an audit of your IT assets, devices at remote endpoints and security technologies deployed across the organisation.
The security assessment will help identify weaknesses in your defences and the solutions that should be put in place to address them. It should help reveal security products that may no longer be relevant to how your business operates.
The goal is to have a security roadmap that aligns with your business goals going forward.
The benefits of cloud security
Managing and scaling an effective security strategy is easier if you can remove – or at least minimise – complexity in your security, even as the assets and workplaces that you need to secure multiply.
As employees mix and match office and home working, cloud can provide the flexible, consistent managed security that businesses need.
Cloud allows you to deliver a predefined security profile across dispersed devices, which is significantly better than a piecemeal approach of mix and matching security solutions across different devices.
Cloud also helps companies ensure employees are equipped to do their job securely. The easiest way to waste money on any security product, no matter how effective, is to neglect making employees aware of their responsibilities in your security strategy.
The simpler your security is to implement, the better your long-term protection. Products that add complexity or fail to provide the security the changes in your business demand need to be identified and replaced.
In the end, if workplace security products don’t protect your modern workplace, they need to be replaced with something that can.