(July 2020) Millions of Americans now working from home are potentially exposing sensitive company information by using unsecured endpoint devices, according to several recent studies. An endpoint is a remote device that communicates with the network. In the case of a remote worker, this is typically a desktop, laptop, tablet, or mobile phone.
Poor endpoint security combined with an increase in remote work creates near-perfect attack vectors for viruses, malware, ransomware, and data exfiltration. A single endpoint breach can cost an organization nearly $9 million in lost productivity, system downtime, data loss, legal expenses, and infrastructure damage, according to the Ponemon Institute’s latest State of Endpoint Security Risk study.
With remote work likely to remain in place for some time, organizations must take steps to protect endpoint devices. A great place to start is with endpoint security solutions that combine essential security measures in a layered approach that protects against multiple potential vulnerabilities. These measures should include:
- Domain Name System (DNS) filtering. When a user clicks a link or types a URL into their browser, it launches a request to a DNS resolving service. DNS filtering blocks users from accessing malicious domains, IP addresses, or cloud applications before a connection is ever established. If the domain or IP address is known to be associated with malicious activity, access is denied.
- Email filtering. Email is by far the most common delivery mechanism for ransomware, malicious attachments, malicious URLs, viruses, and phishing attacks. Email filtering solutions are designed to block such malicious content before it reaches end-users. In addition to conventional spam filtering, email filtering solutions also incorporate advanced antivirus and anti-ransomware protection.
- Antimalware. Antimalware continues to play a critical role in detecting and blocking threats. Best-in-class solutions use behavioral analytics as well as traditional signature-based techniques to detect “zero-day” threats and polymorphic malware that continually changes its features. Some solutions also include sandboxing to safely run and monitor suspicious code.
- Encryption. Policy-driven encryption of data at rest, data in motion, and data on mobile devices helps mitigate the risk of data loss and also helps ensure regulatory compliance. Email encryption is particularly important given the large volume of sensitive information transmitted via email and stored in email applications.
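The DNS filtering decision described in the list above, sketched as an added example that is not part of the original article or any vendor's product. The blocklist entries are constructed placeholders (reserved example domains and a documentation address range), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample policy: placeholder names and networks, not real indicators.
BLOCKED_DOMAINS = {"malware.example", "phish.example.net"}
BLOCKED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]  # documentation range


def normalize(qname):
    """Lower-case the query name and drop the trailing root dot."""
    return qname.strip().rstrip(".").lower()


def domain_blocked(qname):
    """True if qname or any parent domain is on the blocklist."""
    labels = normalize(qname).split(".")
    # Check "a.b.c", then "b.c", then "c". Matching whole labels means
    # "notmalware.example" does not match the entry "malware.example".
    return any(".".join(labels[i:]) in BLOCKED_DOMAINS for i in range(len(labels)))


def address_blocked(address):
    """True if a resolved address falls inside a blocked network."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in BLOCKED_NETWORKS)


def filter_response(qname, answers):
    """Decide what a filtering resolver returns for one query.

    answers: addresses the upstream resolver returned for qname.
    Returns ("deny", reason) or ("allow", answers).
    """
    if domain_blocked(qname):
        return ("deny", "domain on blocklist")
    bad = [a for a in answers if address_blocked(a)]
    if bad:
        return ("deny", "resolves to blocked address " + bad[0])
    return ("allow", answers)


if __name__ == "__main__":
    # Constructed sample queries with the answers an upstream resolver might give.
    for name, ips in [
        ("cdn.Malware.Example.", ["198.51.100.7"]),
        ("notmalware.example", ["198.51.100.8"]),
        ("intranet.example.org", ["203.0.113.50"]),
    ]:
        print(name, filter_response(name, ips))
```

Because the check runs at resolution time, a denied name never yields an address for the browser to connect to, which is why the filter acts before any connection is established.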
Additionally, organizations need an effective patch management strategy. It’s estimated that more than half of all breaches exploit known vulnerabilities for which a patch exists that has not been applied. Patch management capabilities ensure that software and operating systems are always updated and safe to use.
Of course, security is never a set-and-forget proposition. These security tools must be managed and kept up-to-date in order to remain effective, and patches must be applied promptly. That can be a difficult proposition for smaller organizations with limited in-house IT resources.
That’s why it often makes sense to outsource security to a managed services provider such as Mainstream. Our team of network security professionals has a deep understanding of the latest threats and can deploy best-of-breed solutions to protect against data loss, ransomware, and more.
Our Managed Workstation offering brings together all the tools you need to secure your business against endpoint threats, along with ongoing remote management and support. Let us help you maintain a consistent level of protection for all the endpoint devices used in your organization.
Jeff Pracht
IT Business Development Manager