Top Endpoint Security Strategies
Due to their growing numbers, flexibility, mobility and sophistication, mobile devices present significantly higher risks to cloud environments than all the other combined entities. Most of the cloud users have already linked their mobile devices to their cloud networks to enhance convenience and remote connectivity- but unfortunately, this privilege comes at a significantly high cost. Malware and hackers are capitalizing on the less sophisticated endpoint security systems to gain entry through vulnerable mobile devices and attack various cloud networks.
According to NQ mobile research, mobile malware attacks are growing exponentially and consequently affecting not only the mobile users but also various networks that they’re connected to. In 2012 alone, the number of cases grew by 163% compared to the previous year.
Through the 2014 State of Endpoint Report, the Ponemon Institute further highlights the growing security risks of mobile devices in the workplace, which are majorly fuelled by the emergent BYOD principle. In 2012, only 18% of cloud users were concerned about mobile security- however, due to increasing attacks emanating from endpoint devices, the number grew to 60% in 2014. This is double the percentage of people concerned about security attacks from stealth malware. The most affected are enterprises are governmental organizations, which record an average of about 50 attempted malware attacks (most of which emanate from mobile devices) each month.
With the numbers and risk rising, it has become fundamentally critical for cloud users to implement effectual endpoint security strategies to protect themselves from potential attacks. Here are some of the most effective developing endpoint security strategies.
BYOD to CYOD
According to the Ponemon Institute Research Report, 75% of CIOs believe that personal mobile devices present the greatest security risks to their IT environments. This is primarily due of BYOD, a principle that blew up in 2007 and has since developed tremendously as more organizations embrace their employees’ mobile devices. Through their smartphones, tablets and laptops, employees have been carrying their work home and handling tasks remotely through resourceful mobile applications. However, although BYOD is considerably convenient and has significantly boosted employee efficacy across a wide range of organizations, increased security risks are proving to be too much of a compromise. As a result, organizations are now moving to CYOD- Choose Your Own Device.
Contrary to BYOD- which allows employees to link their own devices with their organizations’ cloud network, CYOD entails issuing employees with standard devices which are controlled and administered by their organizations’ IT staff. This grants system administrators the privilege of regularly scanning company end point devices to detect any anomalies or malware before they creep into the network. Additionally, employees are disallowed from linking their personal devices with company devices to prevent possible transmission of malware.
Apart from reduced convenience, this strategy is considerably costlier compared to BYOD since enterprises are forced to invest in their own devices for use by their employees.
Anomaly Based Malware Detection
The use of antivirus software is currently the most prominent strategy employed by most organizations in detecting malware and subsequently preventing system infiltration. As a result, antivirus vendors are having a ball, enjoying the ever-expanding market triggered by increased data security threats. For long, they have been building software with signature antivirus shields to detect potential malware and consequently thwart attacks. However, with hacking strategies getting more sophisticated by the day, the signature system has been growing weaker. Hackers are now using complicated crypters to evade even the most recently updated signature antivirus shields, and ultimately gain access to various systems through endpoint devices.
This has triggered a change of tactic among antivirus vendors. To efficaciously detect endpoint device malware, they have now shifted to anomaly based malware detection- which instead of signatures, uses dedicated algorithms to identify any network activity anomaly. As a result, the number of successful zero-day attacks has significantly reduced. Therefore, to improve endpoint security, CIOs should not install just any antivirus software virus- but ensure that they’re indeed anomaly-based.
Single Security Vendors
In the past, endpoint security vendors were mostly single dimensional- they focused only on solitary threats and ignored other critical cloud elements. To comprehensively protect their cloud data, many users subscribed multiple vendors- consequently creating complex security frameworks which made the CIOs jobs even more difficult. Since cost is mostly directly proportional to performance, a majority of cloud users have been using a bulk of their security budget on high-end endpoint anti-virus systems and leaving the rest of the cloud network to free security software.
Through a survey conducted by Palo Alto Networks on their subscribers, 44% of cloud users claimed that they rather invest heavily on endpoint security at the cost of other elements within the cloud network. As a response to this worrying trend, many vendors are now simultaneously focusing on all the cloud elements by providing comprehensive anti-virus software solutions. Therefore, instead of paying top dollar to one vendor for endpoint anti-virus software while concomitantly subscribing to free antivirus to protect the cloud network, cloud users are now subscribing to single vendors who provide multi-dimensional security solutions. This creates a simple and efficiently-manageable cloud security frameworks which are less vulnerable.
Finally, organizations are conducting regular maintenance checks on their endpoint devices and cloud networks to assess and detect possible threats which could form launching pads for attacks. Additionally, they are persistently updating their systems to get rid of any bugs and patch up all the holes. Individuals and employees on other hand, are being encouraged to limit the amount of media they install and share through their devices to avoid extensive spreading of malware.
Author: Davis Porter
Image Courtesy: Idea go, freedigitalphotos.net