Cloud computing. The IoT. BYOD. These innovations have forever changed the way we work and do business. As they evolve into more powerful and affordable versions, their popularity continues to grow.
To illustrate, RightScale’s 2016 State of the Cloud Survey shows that at the beginning of 2016, 31 percent of enterprises had more than 1,000 VMs in private cloud and 31 percent had more than 1,000 VMs in public cloud. FlexJobs states that companies can save as much as $2,000 per worker per year with a virtual workforce. And according to the Harvard Business Review in 2015, BYOD existed in 55 percent of 300 surveyed U.S. companies.
But these trends come with risks. The growth in devices connected to networks is greatly expanding the number of highly vulnerable endpoints—endpoints that, when inadequately protected, are easy targets for cyber criminals. This is especially true at companies short on qualified cybersecurity professionals or burdened with outdated or incomplete endpoint security strategies.
Signs You Need to Rethink Your Endpoint Security Strategy
So how can you tell if your endpoint security strategy passes muster? Watch out for the following signs of a wrong approach:
- You think only large companies need endpoint security policies. Wrong! Small and midsized organizations are equally, if not more vulnerable since they usually have lower IT budgets.
- You rely on employees’ antivirus programs for endpoint security. This is a mistake for three reasons. First, anti-virus programs don’t detect all malware signatures; plus, most consumer-focused products provide a lower level of protection than custom and enterprise solutions. And third, comprehensive endpoint security needs more than anti-virus software: It needs firewalls, intrusion detection and prevention, encryption and application control, etc.
- You rely on technology to provide total protection. An article in Digital Guardian notes that many organizations omit security training for employees and instead rely completely on technology for endpoint security. However, the human factor is crucial, with Statista reporting that 81 percent of U.S. security professionals surveyed believing employees who are careless and ignore security policies are the biggest threat to endpoint security.
What You Can Do to Improve Endpoint Security
If you’re concerned about your endpoint security, experts recommend taking these steps as soon as possible:
- Educate employees. Teach cybersecurity guidelines including why not to open suspicious attachments, how to detect cyber threats; and how to report issues.
- Practice good cyber hygiene. According to the 2015 Bank of America “Trends in Consumer Mobility Report,” 71 percent of Americans sleep with their mobile phones on or near their bed. With technology so ingrained in our lives, we should make it our business to learn how to keep devices safe. The Center for Internet Security provides a Cyber Hygiene Toolkit with cyber security best practices.
- Deploy layered security. As our partner Fortinet points out, today’s threats attack on multiple levels simultaneously and even adapt autonomously to infiltrate networks. The only effective defense is to deploy layered security using the security fabric approach. This ties together individual security measures into a centralized hub that provides complete visibility and shares information about threats. As a result, an attack that gets past one section can be stonewalled before it penetrates deeper and affects more segments.
Regardless of your organization’s size, you can’t afford subpar endpoint security. A partner of Fortinet and managed security services provider, we can leverage best-in-class cybersecurity technology to deliver top-notch protection for all endpoints, wherever they are.