Data breaches continue to rise, and the growth in mobility and the cloud have exacerbated existing weaknesses and expanded the attack surface. Yet most organizations feel more secure than they actually are. Here are 3 steps to make endpoints stronger and remediate any threats…
1. Recognize The Level of Dark Endpoints
Most organizations assume that more than 95% of endpoints are compliant with required applications and patches. In reality, nearly 20% of endpoints are “dark,” which means they lack critical applications to manage risk and compliance. These unseen cracks in security lead to dark endpoints: Devices that are off the network, lost, stolen, or not operating with effective security controls.
We have found that as many as 10% of endpoints do not contain the required encryption solutions and that more than 5% of endpoints do not “report in” to security, IT asset management, and compliance tracking. These dark endpoints are breeding grounds for security breaches.
Moreover, 62% of data security professionals don’t know where their sensitive data is, according to a report from Forrester. We can tell you from our own audit data that as many as 62% of endpoint devices currently contain at-risk data on the device itself, or in unsanctioned cloud applications. At risk data? It lives on the endpoint. Organizations are opening themselves up to risks that this data, or the devices themselves, will be compromised — either by insiders or because of increasingly sophisticated cyberattacks.
2. Choose Security Layers
The first step in endpoint security is choosing your security layers. The choice of specific VPN, anti-virus, anti-malware, encryption, systems management and other endpoint controls depends on many factors. Many organizations assume that piling on more security layers adds greater security. However, it’s important to keep in mind that more is not always better.
As Forrester analyst Chris Sherman pointed out in a recent webinar, more agents do not guarantee more protection. In fact, 70% of organizations do not regularly test security controls on the endpoint, and they don’t have oversight when a device goes dark, or if there’s sensitive data hidden on the endpoint. Instead, IT teams need to ensure that all endpoints are deployed with specific, automated endpoint security solutions and that those solutions are resilient to attempts to break or compromise them.
3. Add Persistent Visibility Over Endpoints
With devices being re-imaged, users disabling apps, corrupted registry files, and solutions that are inactive off the corporate network, the first step is to add pervasive visibility to the endpoint. Embedded in firmware, Absolute’s “always on” and “always there” Persistence technology gives enterprises visibility and near real-time remediation over devices, data, applications or users — on or off the corporate network. And, with Application Persistence, IT can regain control over other endpoint security applications, which means that they’ll self-heal if compromised, and ensure the latest patches, updates, and security files are deployed when devices are off the network.
Your team can ensure that the layers you do deploy remain operational and effective, despite attempts to disable them (which is often the first step in any malware attack). For organizations in highly regulated industries such as healthcare and finance, this added protection can help prove the health and efficacy of endpoint security controls for compliance situations.
Reduce dwell time, protect data
Traditional incident responses usually involve manual remediation, patches, and updates — all of which increase the dwell time of dark assets, and increase the likelihood of errors and ongoing risk. Absolute’s persistent self-healing endpoint security gives enterprises the ability to reduce the dwell time of a dark asset, reducing the chance of it becoming a breach vector and – if it does happen – offering near real-time remediation at the source.
There is no silver bullet when it comes to data security, whether that’s endpoint security or network security. We believe it’s important to take a layered approach to data security that is reinforced by technology to help target-harden your security posture, and optimize your threat detection and remediation capabilities. To learn more, visit Absolute.com