How to protect your endpoints
With more people than ever working from home, it’s vital to ensure that laptops, mobiles and PCs are secure
Your staff may be keeping their distance during the COVID-19 pandemic, but cyber criminals aren’t. 2020 saw a huge increase in cyber attacks as workers moved outside of the company firewall – often on laptops that lacked proper protection against intrusions and malware.
Barely a day passes by without news of a security breach. The UK government's Cyber Security Breaches Survey 2020 found that almost half of businesses (46%) and a quarter of charities (26%) reported having suffered data breaches or attacks over the year.
These attacks can end up being extremely costly to businesses, too. A recent report from IBM and the Poneman Institute found that the average cost of a data breach in 2020 was $3.86 million (£2.92 million). This is a 1.5% drop from the cost in 2019, but still a 10% rise over the last five years. IBM's report also stated that, although the average cost of a breach is relatively the same, the costs are getting smaller for prepared companies and much larger for those that aren't taking the right security precautions.
Employees behaving badly?
Why awareness training mattersDownload now
It’s no mystery how this situation came about. When the pandemic was declared, many smaller businesses found themselves suddenly forced to embrace remote working, with no time to formulate proper security policies on to implement a managed transition. By now, though, your workers’ laptops, workstations and mobiles really ought to be properly locked down: if they’re not, it’s high time you took action.
The good news for SMBs is that there’s a wealth of affordable solutions on the market that can be deployed in minutes. They all perform real-time malware detection and prevention services, and many also offer protection against dodgy websites, email scanning and more.
The first question is whether you want your endpoint solution to be managed locally or in the cloud. The local approach gives you maximum control, and can suit organisations where everyone’s located in the same office – but you’ll need to provide your own host system to run the central server component. Things get more complicated if your users start moving between multiple locations, or indeed working from home.
In most cases, therefore, cloud-hosted endpoint protection works best. Once you’ve set up your cloud account, you can use a secure web portal from anywhere to centrally manage all endpoint protection components, regardless of their physical location.
In order to manage your endpoints, each one will need to have a software agent installed. This can normally be downloaded from the cloud portal; for a home-based workforce, a better solution might be to email each user a download link. If you take this route, it’s a good idea to tell remote workers to expect the email and what will happen when they click on the link. In most cases, an agent takes ten to 15 minutes to install, link up to your cloud account, configure itself as per your preset security profile and immediately begin protecting the device.
Close protection detail
Whether your chosen solution is locally or cloud-hosted, there are a number of key features that should be on your shopping list. Malware protection is, of course, essential: the agent should prevent malicious software from getting onto a user’s desktop by continuously monitoring all entry points. After the initial installation, it’s also recommended to carry out a complete scan of the entire system to ensure there’s nothing nasty already hiding there. To be on the safe side, you can set up scheduled system scans to run at quiet times such as overnight, although this depends on your users leaving their computers switched on.
We recommend you choose a product that extends its protection to web activity too: this enables the agent to block access to suspicious sites before the user has a chance of exposure to malicious content. Many security products also offer category-based URL content filtering, which lets you block users from using their work laptop to access unproductive sites such as games, gambling and social media.
Agents need to be kept up to date with the latest malware signatures, so ensure that your policies are set to push them out to end points as soon as the vendor releases them. You also don’t want to run the risk of meddlesome users either disabling or removing the agent, so look for products that can protect their own settings with a password.
You’ve got mail
With so many people working from home in recent months, we’ve seen a big increase in phishing attacks, or legitimate-looking emails containing links to websites that try to download malware or trick the user into giving away sensitive information. Endpoint solutions vary considerably in how they deal with email-borne threats, meaning it pays to research them to see which one offers the features you need. Important features include the capability to search for and detect malware in incoming emails, to remove any infected attachments and to block links to malicious websites. Integrated spam protection is another useful add-on, which some products are missing or only include for an extra fee.
Despite your best efforts and investment in high-quality security products, none of these solutions can be perfect. Cyber criminals are constantly adapting their tactics, and so sooner or later something might slip through the net. This is why staff training is vital. Employees should be alerted not only to the danger of phishing emails, but how they may have evolved amidst the disruption of the pandemic, and how to deal with them and report them.
Laptops and desktops are often the main focus for endpoint security, but it’s just as important to consider tablets and smartphones. This is especially true now that the world has adapted to more agile ways of working. Even when the pandemic is over, a full return to the office is unlikely, given that many employers and employees have seen the benefits of more flexible working arrangements over the last year or so. Going forward, your employees may be working from home, in the office, in coffee shops and on the move – all of which means they’re not only more likely to be using their mobile devices but that these will be exposed to different networks and connections.
You should therefore ensure that you have endpoint protection on any company-issued devices, including mobile phones and tablets, and discourage the use of personal devices unless they have adequate company-approved security installed. Useful features to protect mobile devices include app and device controls, which allow you to block certain types of apps from being run on remote workstations and prevent company data from being copied to removable media.
Alerting and reporting functions are important too, warning you right away if any of your users are under attack. You should have the option to receive email alerts whenever a security event occurs, meaning you can deal with it before it can spread and cause mayhem; the management dashboard should also bring the details to your attention so you can take immediate remedial action.
Security analytics for your multi-cloud deployments
IBM Security QRadar SIEM solution briefDownload now
Five reasons to move to the cloud
Join the enterprises moving their workloads to the cloudDownload now
Architecting hybrid IT and edge for digital advantage
Why business leaders should consider a hybrid IT strategyDownload now
Six reasons to accelerate remote asset monitoring with AI
How to optimise resources, increase productivity, and grow profit margins with AIDownload now