As your employees are out and about accessing your network form a range of devices - some of which might not even be owned or controlled by your company, you need to be vigilant. But how can you watch over something you can't see?
That's where endpoint security comes in. Endpoints take many forms - from mobile devices and laptops to PCs, printers and everything in between. So the first step towards ensuring endpoint security has to be ensuring you know what endpoints you're dealing with.
Once you understand the landscape, you must then secure it. But that is often easier said than done.
Organisations have long invested in software-based security measures and these have staved off most attacks, leaving firms focused on prevention rather than cure. However, those with malintent are becoming even smarter and using more sophisticated techniques, so organisations must be prepared to up their security game.
The recent LoJax attack, which was perpetrated by Fancy Bear in the real world, shocked many. Mainly because they weren't prepared for something like that to happen. Up until that point, BIOS/UEFI rootkit attacks had been the work of fiction rather than fact.
In another recent example, supporters of PewDiePie put the fear into many suggesting they would hack' their printers if they didn't voice their support for the vlogger too. But was this really a case of the baddies finding a security loophole or just lazy/sloppy admin?
Dealing with such new, emerging and evermore sophisticated threats requires security at the hardware as well as the software level. Organisations must be prepared to secure from the top down and the inside out.
The threat of being hacked or breached in some way is a reality of modern business life. The average financial cost of a cyber security breach for UK organisations is suggested to be anywhere from as little as 1,000 to just shy of 10,000. However, we know such attacks can cost organisations dearly elsewhere, too.
Compounding the scary stats around security generally is the fact the way we work (and live) is changing almost beyond recognition. Experts predict that, by 2020, flexible working will be the norm among businesses. With all the benefits this increased agility and ability to work anywhere and at any time, there are also increased risks.
There's a very fine line between where general best practice/common sense ends and advanced levels of security starts. But whose responsibility is it to ensure both are considered and carried out? The simple answer is everyone. However, IT must lead the charge and bring users along on the journey, ensuring they understand the potential consequences of their actions.
But it's not just about technology in isolation. It's about ensuring people have the right tools to keep the information your organisation holds dear safe without even having to think about it.
Catch up on our webinar, brought to you by HP and Intel in association with IT Pro, which brings together experts in this field to discuss and debate the challenges, debunk myths and help your business make clued-up decisions about how to move forward and be more efficient, effective, productive and, ultimately, successful in a safe and secure manner.
Moderated by B2B editorial director Maggie Holland, the webinar also features the expertise and opinion of Howard Roberts, an HP distinguished technologist, Jeff Kilford, UK Client Compute Group Lead for Intel, and former analyst and current freelance journalist and broadcaster, Rene Millman. During the hour-long discussion, we answer questions such as:
- What is endpoint security?
- What are the different endpoint considerations (from PC and print to everything in between)?
- What are the benefits and key challenges of securing endpoints?
- Can you exist safely without dedicated endpoint security?
- Are self-healing endpoints the answer?
- Do older PCs limit productivity and become a liability?
- How important is multifactor authentication?
- Are printers a weak spot?
- How important is user education when it comes to securing endpoints?
- What should you tell users and what information should you leave out?
- How can you protect your organisation from the most deviant BIOS attacks?
- How can you avoid being the next endpoint security horror story?
- What role does biometrics play?
- What about the IoT - do the risks increase?
- How can we learn from WannaCry et al?
