When the COVID-19 pandemic took hold, many businesses became endpoint-based organisations overnight. With most of their employees forced to work from home outside the corporate network, external endpoints became the norm.
There are serious security implications behind this large-scale increase in remote endpoint devices.
The same number said the frequency of endpoint attacks had increased and 51% said their endpoint security solutions were not effective at detecting those attacks.
Zero-day attacks were particularly effective, accounting for 80% of successful breaches, and were expected to increase in frequency.
More than half (56%) had replaced their endpoint security solution in the previous two years. Many complained that traditional antivirus solutions generated a high number of false positives and security alerts, that protection was inadequate, and that deployment and management were too complex.
A separate report from Absolute, "2020: The State of Endpoint Resilience Report", stated that enterprises had struggled to manage increasingly complex endpoint environments before COVID, due to the rising number of applications being purchased and deployed.
The average number of security agents on each endpoint device was 10.2 and nearly one in three enterprise devices had an endpoint protection (anti-virus/anti-malware), client management or VPN application that was out of compliance.
The average Windows 10 enterprise device was more than three months behind in applying the latest security patches.
What it means in 2021
Set against that backdrop, it’s easy to appreciate the scale of the endpoint security challenge. With so many more remote devices accessing the corporate network, the potential target area for cyber criminals has expanded significantly.
If you consider the success rate of endpoint attacks before COVID struck, it becomes a real concern.
Changes to the profile of remote workers also widen the potential vulnerabilities. Many are accessing different applications and sharing confidential data that mobile employees did not need to access in the past.
Installed endpoint security solutions might struggle to protect a much wider target area where so much more confidential and sensitive information is going in and out of the corporate network.
Some suggest endpoint detection and response (EDR) as a solution, but there are questions over how effective this is against new or unknown threats. What’s more, businesses can often find it difficult to support it with their own staff.
To take the issue back to basics, an endpoint is only as secure as the person using it. This is something cybercriminals know only too well, which is why phishing attacks are so popular.
Their success highlights the deficiencies in employee security awareness. Often, employees are unaware of their roles and responsibilities in the company security strategy. Businesses should devote more time and attention to training employees and making them more aware of their roles in the security plan.
There are a few simple issues you should address:
Endpoint protection: Do your security solutions work across all endpoints, irrespective of the user, branch, location or device?
Authentication and identity management: Do you have authentication policies in place for your dispersed employees and devices?
Patching: Is the endpoint security on devices patched regularly?
A cloud-based service could make sense for many businesses, especially given the scale of the shift to dispersed working. With so many devices outside the corporate perimeter, the automation, scalability, flexibility and consistency offered by cloud-based services and applications are essential.
Our VDM Cloud service protects and manages access to corporate data, from initial device enrolment or provisioning out of the box, through to device retirement or the end of the employee’s contract. Employees have seamless access to business apps and data through secure mobile devices, PCs, Macs, apps and cloud services, while still maintaining complete control over their privacy.