The data security strategy resumes to Endpoint Security for many businesses. Reasons like small budgets, lack of knowledge, overlooking of threats that do not come through traditional ways, over-reliance in employees determine managers to maintain the status quo.
The truth is things change and we understand change is difficult most of the times. But there is no other way in a field like IT security. People and IT Security need to adapt to the context and seek to address the diversity of threats that put the company information in danger.
Surprisingly, insiders’ threats represent in more than 50% of cases the cause for a data breach. Either a stolen USB stick, external HDD, or a frustrated employee who decides to get revenge by publishing sensitive data or selling it or just an honest mistake are the events related to insiders’ threats. These can be prevented by using Content-Aware Data Loss Prevention, Device Control and Encryption Solutions.
Businesses must build their data protection strategy on layers, starting with user identity and access management, server security, network security, cloud and mobile security, DLP, etc. depending on the organization infrastructure. Sticking just to endpoint security is as dangerous as wearing just a helmet on a motorcycle (which offers the minimum level of safety).
What are the most significant hurdles with protecting endpoint clients in the enterprise?
The first and biggest problem is the fact that most of IT staff, like all of us, is reluctant to read documentation. They are too busy to do that and they prefer to have assistance directly from the vendor. I guess it is perfectly justifiable in the pressure of today’s lack of time when every new task needs to be completed “yesterday”.
Secondly, highly restrictive policies cause drop-off productivity. Users are annoyed by to many notifications and approvals that they have to make and many times their work is interrupted. Resource consumption is a third hurdle that users report to IT admins. There are many endpoint security solutions that require a lot of resources and slow down workstations and daily tasks implicitly.
Another headache is caused by deployment. There are always some endpoints that somehow are omitted, either from the AD, because of compatibility issues, or other technical or organizational aspects.
At times it seems we're fighting a losing battle with endpoint security. What can organizations do in order to stay ahead of the threats?
Even though most of the threats that are addressed by endpoint security software are external, the human factor is equally important because even the strongest anti-virus or firewall cannot stop users to click on a link or download a file that can contain malware. Same goes for Device Control solutions that cannot solely work against data leakage threats, since users are an important component of the implementation. Organizations should assign more resources for users’ training and education. An educated user is the safest user. Data security should be as popular as team buildings or product training. Data security contributes indirectly to business continuity and profitability, so it should be treated as such.
What are the essential attributes of a robust endpoint protection solution?
For IT administrators that are in charge of deployment and management, essentially implementing and running IT Security solutions it is vital to have an Endpoint Protection solution that meets the following criteria: covering as many types of endpoints as possible, meaning essentially many Operating Systems (Windows, Macs, iOS and Android) and device types. Ease of installation and management, helpful documentation and support, granularity to allow different levels of authorization and create policies according to the organizational units, intuitive interface, and detailed reports represent the essential attributes of a robust Endpoint Security solution.