The Strongroom

The Round Table: Why should modern endpoint protection be at the top of your priority list?

19 December 2017

Written by Origin Security

The days of the secure perimeter are long gone, with employees utilising multiple connected devices to access networks, applications and data outside of traditional office hours, and from locations often beyond corporate control. Accordingly, most CIOs and CISOs are aware of the need to protect the modern endpoint, but are they giving it the priority it deserves? We got the experts together to argue the case for putting modern endpoint protection right at the top of your 2018 priority list.

 

ON TODAY’S PANEL

Chris Hails Information Security Consultant, Origin

Anthony Naulls Head Of Technology, Les Mills International

Chris Fisher Manager System Engineering, Symantec

 

Why should modern endpoint protection be at the top of your priority list? 

 

Chris Hails

Recent data from InternetNZ showed that almost 80% of New Zealanders now connect to the internet via a smartphone - a huge increase over the last decade. This always-on connectivity brings with it a range of new challenges for any business. Risks can range from inattention and device use behind the wheel of a company vehicle through to malicious applications, data leakage and a loss of control of information.

Physical loss is one major concern – not just the cost of replacing an expensive gadget, but what kind of data is stored on the device and could this information be accessed if left unencrypted? A mobile device management policy and associated technical controls are essential to ensure lost hardware can be located, locked or remotely wiped and that users are required to authenticate to login to services and applications.

Content risks are another major consideration: is the mobile endpoint sufficiently protected against malware and can the business control what websites and applications staff are accessing and installing? Ransomware has been a growing threat to New Zealand businesses since 2013 with destructive data-encrypting attacks on desktops and poorly protected networks a common concern. From 2015 onwards, ransomware on mobile endpoints has been a growing problem, especially on Android powered devices. 

Fragmentation in mobile operating systems – now a huge chunk of the OS market - and the complexity added down the supply chain from developer to device maker to network carrier can lead to delays in receiving appropriate security patches or an eventual abandonment of older hardware still in use by millions. And it’s not just Google’s platform of late that has struggled with increased attention from attackers.

As security investment has focused on defending corporate networks, mobile endpoints and the adoption of BYOD have been recognised as potential vulnerabilities worth exploiting. Network spoofing through the use of rogue WiFi access points and ‘man in the middle’ attacks have been shown to be harming New Zealanders with banking organisations encouraging users to steer clear of public hotspots.

Have end users been trained on common information security threats such as phishing emails that are designed to harvest system credentials? Past research suggests that small screen sizes and a lack of visual interface cues can make traditional cybercrime attacks three times more effective on mobiles. Many users have been habituated to respond immediately to blinking, chirping phone and application notifications and can click on links and open attachments without a moment’s thought.

A smartphone also provides multiple delivery vectors with social media and messaging apps another route in to compromise alongside email and SMS, leading to the rise of ‘SMiShing’ or txt-based phishing. With so much information now stored and accessible via mobile endpoints, it’s absolutely critical that businesses take steps to adequately protect them.



Anthony Naulls

Les Mills International delivers high-end, licensed fitness content to gymnasiums and certified instructors in nearly all global markets. Our product is heavily researched, so protecting our IP is critical to maintaining our world-leading position.   

We’re a SaaS product consumer in all practical areas, and our users have the freedom to operate on nearly any device to access applications. Travelling users are exposed to potentially corrupt public WiFi - and in recent times we’ve seen even private networks are at risk.

All of this means that opportunities for a security breach have grown exponentially in recent years, requiring a new approach. Should any of our end users’ identities be compromised, access to critical areas of the business would become available. While MFA is in place to protect against that possibility, naturally we’d prefer that identity isn’t compromised in the first place. We know that modern endpoint protection is the key to protecting user identity as a first port of call.

With our move to serverless offices, we looked to replace our global dependency on traditionally deployed and managed endpoint protection architecture with a modern, scalable, device-agnostic, invisible to the user, and globally deployable solution. Symantec’s SEP Cloud endpoint protection model provides us with the capability to ensure all of our mobile devices are up to date with definitions, and protected against malicious attacks 

With Symantec SEP Cloud endpoint protection in place, the business is confident that we’re well equipped to face the modern security challenge.

 

Chris Fisher

The modern endpoint is a mix of corporate and personal use that is always online, and poses a very different risk to its traditional predecessor. As users look for more flexibility and businesses shift to cloud, devices have become a core part of how we work, increasing access to company sensitive information and connection to business-critical systems. Devices also blur the lines between corporate and personal use, meaning acceptable use policies and control over the device is far more sensitive than traditional corporate endpoints.

Management of these endpoints has resulted in a mixed experience; mobile management platforms simply do not provide sufficient threat protection as attackers have evolved their techniques. The modern endpoint has four main areas that can be exploited by attackers to gain access to the device and therefore corporate information:

  • Physical
  • Malware
  • Network
  • Vulnerability

Enterprises need to look at a Mobile Threat Defence platform that provides protection for the above four vectors without sacrificing the user experience or device battery life. The ideal enterprise solution will also leverage a public application using the native capabilities of the device to ensure it’s compatible with the latest operating systems, providing the end user with a native experience on the device. The solution should also be able to work with or without an Enterprise Mobility Management solution and provide protection for corporate applications and corporate network traffic.

Symantec provides all of this functionality via its SEP mobile platform, which gives businesses the benefit of crowd wisdom and modern, cloud-based management of the solution. SEP Mobile is a public application that provides protection for all modern endpoints and is available via the the App store and Google Play store.

 

Origin is a Symantec partner and has the people, the processes and the technology to keep you safe and secure. Get in touch with our security team to find out more.  

 

Make sense of the new world order. Join us on LinkedIn for news and views that will keep you at the leading edge of cyber security.

Join the Strongroom
Join The Strongroom and get a regular round-up of news and views to keep you up to date with the fast moving world of cyber security.