Category: Endpoint Security

Apria Healthcare Sees and Secures 8,000 Devices with Absolute

Healthcare technology — which includes everything from medical staff tablets to patient monitoring devices and even prosthetics — is increasingly reliant on an interconnected network. This interconnectedness enables improved patient care, but it also opens the door for added risk. As cyber crime skyrockets across the healthcare industry, one of the nation’s leading home respiratory services and medical equipment providers, Apria Healthcare, recognized the risks early on and implemented Absolute to better secure patient data.
Apria operates more than 300 locations and provides service to 1.8 million patients annually with in-home care and 24/7 clinical services. In order to support home-healthcare — by far the fastest growing healthcare sector due to its potential for improved care at a reduced cost — Apria employees rely heavily on more than 8,000 devices.
Read: Why Data Privacy in Healthcare Matters
Unbreakable Visibility & Control
To ensure the highest levels of security, protect private and corporate information, and ensure HIPAA compliance, Apria needed a way to track their endpoint devices. They wanted a solution that would deliver zero-touch IT asset management, provide self-healing endpoint security, and employ always-on data visibility and protection. They needed intelligence on every device, with the ability to control every endpoint whether it was on or off their corporate network.
With Absolute Persistence®  already installed in the BIOS of their endpoint devices, Apria found unbreakable endpoint visibility and control by simply turning Persistence on. As a result, they now have a reliable, two-way connection to each device and can remotely monitor the status of their devices to avoid a healthcare data breach. They gained critical asset intelligence they could not find with any other security provider.
“Persistence [located] in the BIOS was the number one item that I think really sets Absolute apart from other companies touting that they can do asset tracking better,” said Janet Hunt, Senior Director, IT User Support, at Apria Healthcare. “They really can’t, they don’t have that piece – that persistent piece is so important to me. I am always looking for opportunity and different technologies as they come up, and I haven’t found anything that’s as good as Absolute… nothing can compare.”
With Persistence activated on every device, Apria Healthcare is assured that no matter what happens to a device – whether it is lost, stolen, or breached – no one can turn that Persistence off. The device will continue to report back to Apria, who then has the power to wipe a device clean or shut it down even if the user installs a new OS.
Absolute also provides dashboard status on all devices that updates every 15 minutes. With a complete history of the device, security managers can demonstrate encryption, geolocation, usage, and device history. Absolute provides unprecedented asset intelligence, giving healthcare organizations a crystal-clear understanding of the value every asset is delivering to inform security and purchase decisions.
“If Absolute disappeared, I would retire because I would have no idea where anything was,” said Hunt. “That was the greatest thing about bringing Absolute in: I know where a device is.”
To find out how the Apria Healthcare uses Absolute to secure patient information, gain visibility into device location and activity and improve access to patient care in the field, check out the case study or read up on Absolute healthcare solutions.
 

What Do the City of Houston, Government of Canada, Eir, and Raley’s Supermarkets Have in Common?

This article was originally published in IT Pro Portal.
A Texas city, the Canadian Northwest Territories government, an Irish telecom provider, and a California supermarket chain. What ties them together? They were all impacted by headline-making data breaches involving the theft of data from an endpoint device.
Unfortunately, the string of incidents is not surprising given that 70 per cent of data breaches today originate on the endpoint and 15 per cent of them are caused by lost or missing devices. Not to mention major U.S. metros are still on alert as the “smash-and-grab” crime trend continues with cities like San Francisco reporting about 73 car break-ins per day in August alone, with laptops on the list of most in-demand and easy-to-snatch items.
It’s estimated that by 2020, the global spend on IT security is predicted to total a staggering $128 billion. But the physical thefts of laptop devices from office places, cars or otherwise, are still causing pain in the form of data leakage, exposure and regulatory issues. There are valuable lessons to be learned here, especially when endpoint breaches can be devastating to an organisation in terms of fines, reputational damage, lawsuits, and irreparable damage to customer trust.
To help organisations strengthen their endpoint security postures, we took a lens to several notable incidents that prove how vulnerable our endpoints continue to be and outlined our key takeaways:

Irish telecom company, Eir leaks data of 37,000 customers: The data of 37,000 customers of Ireland’s largest telecom provider, Eir, was compromised when an unencrypted device was stolen from outside an office building. The laptop contained personally identifiable information (PII) including names, email addresses, phone numbers, and Eir account numbers. It had been decrypted by a faulty security update the previous working day. The company was forced to report the incident to the police as well as the Data Protection Commissioner.
Stolen laptop exposes data of 10,000 Raley’s customers: Raley’s experienced a data breach affecting 10,000 pharmacy customers. The data included sensitive patient information as well as identification numbers and prescription drug records. Raley’s could not confirm whether the data had been accessed or misused, nor could they confirm if encryption was in place.
Stolen laptop compromises Houston’s health plan: A laptop stolen from an employee’s car may have contained protected health information (PHI) records of the city’s staff, including names, addresses, dates of birth, social security numbers, and medical information. The organisation couldn’t tell if data was accessed or if encryption was in place, so they had no choice but to treat the incident as a data breach.
Stolen laptop exposes health data of 80 per cent of N.W.T. Residents: A laptop was stolen from a locked vehicle in Ottawa, Ontario containing PHI of 33,661 residents of Canada’s Northwest Territories. The data included names of patients’ names, their birth dates, home communities, healthcare numbers, and, in some cases, medical conditions. The stolen laptop was a new device so the encryption process either failed or was missed.

Lessons learned
These examples show how easy an unnecessary breach can occur. But when one laptop is stolen every 53 seconds, according to Gartner, and the average total cost of a data breach is $3.92 million, it is wise to ensure organisations have measures in place to prevent putting their data at risk. Here are the top three takeaways we can apply to endpoint security strategy, as risks continue to heighten in today’s IT landscape:

Lack of visibility is a common denominator. There is a common thread across all of these cases: a lack of endpoint visibility and an inability to prove that data protection technology was in place and functioning at the time the device went missing. In addition, there was no way to know if data was accessed post incident and certainly no way to ensure the device was remotely disabled and all personal data deleted. When it comes to endpoint data protection, you’ve likely already purchased the necessary security tools, namely device encryption. The Raley’s case, though, is a reminder that there are unencrypted devices out there and attackers know it. Organisations must have the visibility to know that their controls are, in fact, turned on and working. There’s massive risk associated with not knowing the answer.

The efficacy of endpoint security tools diminishes significantly over time. Despite the increase in IT security spending, endpoint attacks are still common. Recent research shows investment in security is wasted as endpoint controls predictably decay. The reasons vary, from controls being disabled by users to underlying services becoming disabled or broken and/or communication channels inside of the operating system (OS) breaking or experiencing disruption in some way. There is no scarcity of tools and controls. The problem is that these things are not naturally resilient. If you’ve got multiple agents on the device, beware that complexity is in itself a vulnerability and understand that less may, in fact, be more. IT, security, and risk professionals are wise to focus on streamlining and simplifying when it comes to securing their organisations’ data.

Endpoint security is endpoint resilience. It may be counter intuitive, but endpoint controls are fragile. Compromise happens not because there are no guards, but often because controls compete for resources and some thrive while others fail, which defeats the goal of safeguarding data, systems and assets.

It’s important to understand that security tools conflict and collide, and that where there is friction there is decay. We must also acknowledge that these tools must be deliberately controlled in order to improve endpoint resilience.
Back to the basics
Building endpoint resiliency and improving endpoint security requires us to get back to the basics of cybersecurity and hone in on the most critical elements for ensuring data protection at scale: people, process, and technology. It is only then that organisations can start to buck the trend of spending more of their IT budget on endpoint security while still seeing endpoint data breaches grow in frequency and severity.

Tracking & Recovering Missing Devices After the Holidays

If you’re an IT professional in education, you know that missing and stolen devices are an unfortunate reality of the holidays. Students, faculty and staff become more pre-occupied with merrymaking than keeping devices safe. Not only is the holiday season prime time for thieves to stock up on valuable electronics left in airports, vehicles and cafes, but it’s also common for students and staff to misplace school-owned devices at home or while traveling. With mid-year inventories coming up, it’s inevitable that there will be plenty of missing and stolen devices.
Greater Visibility and Control
In December, Absolute introduced a new Missing Devices feature whereby Absolute customers can now track, locate, and recover missing devices. Customers now have the capability to easily understand where their devices are, who’s using them, and how to locate them — information previously only available to law enforcement. Customers can now flag devices as missing, track them within a single report, and receive an automatic alert the next time they connect to the internet. This empowers users to either self-locate a missing device and contact the student or faculty member directly, or verify that the device has been stolen so that they can file a Theft Report, provided that they are willing to prosecute and have reported the incident to law enforcement.
Absolute’s team of reliable Investigators, with a total of 115 years of combined law enforcement experience, will then immediately begin an investigation, assist the police, and facilitate the safe return of the stolen device. Absolute Resilience for Education customers may also be eligible for a Service Guarantee; a warranty to back our proven ability to recover stolen devices, provided that the police report is uploaded within 30 days of the customer submitting the theft report and other conditions are met.
This feature represents a new degree of visibility and control for our customers. At a time where technology investment safeguards have never been more critical, Absolute is leading the way in supporting educators demonstrate ROI.
To learn more about how to track and recover missing devices with Absolute, watch this webinar.

Achieving Enterprise Resiliency Requires A Cyber-Committed Board

This article was originally published in Forbes. 
Today, 84% of the total value of the Fortune 500 is comprised of intangible assets. This means that for most major businesses, the value of digital assets, data and intellectual property (IP) is five times greater than that of physical assets. And the core DNA of their businesses, the thing that most needs protecting, lives in the virtual.
As those assets increasingly come under attack due to cyber hacking, fraud or negligence, companies find themselves scrambling to deploy more and more security controls — at a time when the forecasted worldwide security spend is expected to spike to nearly $134 billion in 2022. This trend represents an astronomical investment in defending against the rapidly escalating risk, but has yet to yield a deceleration of cyberattacks.
Against this landscape, the role of the board also continues to evolve — with an increasing expectation that board members bring a basic level of cyber competence to their roles. October was National Cybersecurity Awareness Month, so it seemed an appropriate time to share a few guiding principles that I believe are central to building and fostering cyber awareness, engagement and commitment at the board level.
Recognize cyber risk as a business risk
Cyber risk is not an elusive, cryptic puzzle that cannot be clearly measured and articulated. The same thinking that we apply to corporate governance and managing financial, operational or legal risk can and should be applied to cyber risk. From setting the vision and establishing a framework for success to ensuring investment and overseeing auditing controls, these are the things that boards need to be doing in partnership with management — especially from early on in the operation.
Let’s use financial risk as an analogy. Not all board members are deemed financial experts, but they have competency in understanding the company’s financials, which controls are in place, which additional controls are needed and who is auditing the testing of these controls. The same framework should be applied to cyber risk. Where is the real value in the company, and what are the real risks to those assets? These two questions should be your starting point. From there, all of the same questions apply: Which controls are in place? Which additional controls are needed? How are they being tested, and how do we map against the industry? Will cyber risk be a topic across the board, within specific audit meetings, or within some other committee?
Know how to define ‘enough’
Asking the right question, “Are we doing enough?” is critical. But sound cyber competence means also having the ability to answer the question. It requires the ability to define “enough” in the context of that particular business and the appetite for risk, as well as how to know if “enough” is really working. What makes this especially tricky is that there is no one-size-fits-all formula for measuring risk. It’s possible for an organization to spend an infinite amount on cyber protection and never achieve perfection. And this question can quickly start to feel like an unanswerable one.
I know this from my own personal experience. During my time at Citigroup, I had the opportunity to look deeply at online financial fraud. Similar to cyber mitigation, where you know you will never get to zero, it is important to understand what your level of risk tolerance actually is to help determine what success looks like. Given the nature and scope of your business, what is regrettable versus unacceptable? For example, a board would view employees having personal content on enterprise devices very differently from a nation-state attack or misused consumer data.
Boards should be having open discussions with management to determine where the lines need to be drawn, what is most important, what is achievable and in what investment envelope.
Make resiliency the end goal
Resiliency, by definition, is the ability to bounce back. Achieving enterprise resiliency requires not just the ability to mitigate cyber risk, but also to respond, recover and heal quickly from both real as well as perceived damage.
When the call comes that you’ve been compromised, it cannot be the first time you’re having a conversation about how to respond. Talking through things like escalations, communications, disclosures and communication to customers, partners and regulators, is a worthy exercise for the board and management to undertake together. What are the thresholds? How and when will it be communicated to the board? What are the board’s responsibilities in these scenarios? This is another area where external facilitators can play a helpful role.
As we move forward, enterprise resiliency will increasingly become core to a company’s agility in a crisis. Boards will continue to use acute cyber awareness to drive fundamental shifts in how organizations think about cyber risk and bring forward new ways to build successful, resilient enterprise security strategies.
For more on how to achieve enterprise resiliency with Absolute, visit Absolute.com.

5 Steps to Securing Your School’s Devices Over the Holiday Break

Much to the delight of students, faculty and administrators everywhere, holiday break is almost here! But they aren’t the only ones eagerly anticipating end of semester school closings: criminals are also waiting for campus shutdowns so they can take advantage of the valuable technology now commonplace in schools, from K-12 to colleges and universities.
Before taking off for the semester break, follow these easy steps to ensure your school’s devices and students are safe:

Remind users of safe behavior. Students, faculty and staff that take devices with them should be reminded (more than once) not to leave their individual or school-owned laptops or tablets in cars or other places where they can be easily spotted by crooks looking for an easy score. If someone does fall victim to theft or loses a device during the break, be sure to make available clear direction for course of action you expect. Who do they notify and how?
Update device software. Cyber criminals are equally as troublesome this time of year, with holiday phishing emails putting school networks at grave risk for cyberattack. Use the holiday downtime to push updates to device software and patch known vulnerabilities. If this sounds like an overwhelming task, consider relying on automation for help.
Track your devices. If a device does go rogue, you have a very vulnerable attack vector. Key to mitigating this risk is uncompromised visibility and control over the device, whether it’s on or off the network. Being able to quickly locate a missing or stolen device means you can remotely shut down unwanted network access and, if all goes well with law enforcement’s help, even retrieve stolen devices.
Store devices in locked cabinets and/or alarmed areas. It sounds obvious but you’d be surprised how many laptops, tablets, virtual reality headsets, digital cameras and other small-sized tech gadgets can be left lying around. This type of tech is in high demand and easy to swipe so make it harder for the thieves and keep everything under lock and key.
Don’t leave technology in plain sight. While a determined thief will break in regardless, you can prevent your school becoming victimized by someone who otherwise may not have considered pilfering your school’s tech. Remove from view or cover any larger equipment like desktop computers, printers, interactive whiteboards, and other tech that will be left behind.

Technology in our schools enable modern learning paths and brings a new level of innovation to the classroom. But it must be protected. You can safeguard your investment – not to mention your students, teachers and administration along with their  data – with the Absolute platform. In the event of loss or theft, you can remotely detect and remediate devices to prevent potential security issues and ensure compliance.
To learn how Klein Independent School District in Klein, Texas tracks, manages, repairs and recovers devices in their 1:1 computing program, download the case study.

Why Cybersecurity Needs To Focus More On Customer Endpoints

This article originally appeared in Forbes. 

Cloud-based endpoint protection platforms (EPP) are proliferating across enterprises today as CIOs and CISOs prioritize greater resiliency in their endpoint security strategies going into 2020.
Gartner predicts that Global Information Security and Risk Management end-user spending is forecast to grow at a five-year CAGR of 9.2% to reach $174.5 billion in 2022, with approximately $50B spent on endpoint security.
Endpoint security tools are 24% of all IT security spending, and by 2020 global IT security spending will reach $128B according to Morgan Stanley Research.
70% of all breaches still originate at endpoints, despite the increased IT spending on this threat surface, according to IDC.

There’s a surge of activity happening right now in enterprises that are prioritizing more resiliency in their endpoint security strategies going into 2020. The factors motivating CIOs, CISOs, IT, and Practice Directors to prioritize endpoint resiliency include more effective asset management based on real-time data while securing and ensuring every endpoint can heal itself using designed-in regenerative software at the BIOS level of every device. CIOs say the real-time monitoring helps reduce asset management operating expense, a big plus many of them appreciate give their tight budgets. Sean Maxwell, Chief Commercial Officer at Absolute, says, “Trust is at the center of every endpoint discussion today as CIOs, CISOs and their teams want the assurance every endpoint will be able to heal itself and keep functioning.”
The Endpoint Market Is Heating Up Going Into 2020
There are over thirty vendors competing in the endpoint security market right now. A few of the most interesting are Absolute Software, Microsoft, Palo Alto Networks, and others who are seeing a surge of activity from enterprises based on discussions with CIOs and CISOs. Absolute Software’s Persistence self-healing endpoint security technology is embedded in the firmware of more than 500 million devices and gives CIOs, CISOs and their team’s complete visibility and control over devices and data. Absolute is the leading visibility and control platform that provides enterprises with tamper-proof resilience and protection of all devices, data, and applications.
Like Absolute, Microsoft is unique in how they are the only vendor to provide built-in endpoint protection at the device level, with the core focus being on the OS. Windows 10 has Windows Defender Antivirus now integrated at the OS level, the same System Center Endpoint Protection delivers in Windows 7 and 8 OS. Microsoft Defender Advanced Threat Protection (ATP) incident response console aggregates alerts and incident response activities across Microsoft Defender ATP, Office 365 ATP, Azure ATP, and Active Directory, in addition to Azure.
Further evidence of how enterprise customers are placing a high priority on endpoint security is the increase in valuations of key providers in this market, including Absolute Software (TSE: ABT) and others. Absolute’s stock price has jumped 13% in just a month, following their latest earnings announcement on November 12th with a transcript of their earnings call here. Absolute’s CEO Christy Wyatt commented during the company’s most recent earnings call that, “The ability to utilize near real-time data from the endpoint to… to deliver actionable insights to IT about where controls are failing and the ability to apply resilience to self-heal and reinforce those security controls will become a critical skill for every one of our customers. This is the essence of Absolute’s platform, which adds resiliency to our customers operations.” It’s evident from what CIOs and CISOs are saying that resiliency is transforming endpoint security today and will accelerate in 2020.
Key Takeaways From Conversations With Enterprise Cybersecurity Leaders
The conversations with CIOs, CISOs, and IT Directors provided valuable insights into why resiliency is becoming a high priority for endpoint security strategies today. The following are key takeaways from the conversations:

Known humorously as the “fun button” cybersecurity teams enjoy being able to brick any device any time while monitoring the activity happening on it in real-time. One CIO told the story of how their laptops had been given to a service provider who was supposed to destroy them to stay in compliance with the Health Insurance Portability and Accountability Act (HIPAA), and one had been resold on the back market, ending up in a 3rd world nation. As the hacker attempted to rebuild the machine, the security team watched as each new image was loaded, at which time they would promptly brick the machine. After 19 tries, the hacker gave up and called the image re-build “brick me.”
IT budgets for 2020 are flat or slightly up, with many CIOs being given the goal of reducing asset management operating expenses, making resiliency ideal for better managing device costs. The more effectively assets are managed, the more secure an organization becomes. That’s another motivating factor motivating enterprises to adopt resiliency as a core part of the endpoint security strategies.
One CIO was adamant they had nine software agents on every endpoint, but Absolute’s Resilience platform found 16, saving the enterprise from potential security gaps. The gold image an enterprise IT team was using had inadvertently captured only a subset of the total number of software endpoints active on their networks. Absolute’s Resilience offering and Persistence technology enabled the CIO to discover gaps in endpoint security the team didn’t know existed before.
Endpoints enabled with Resiliency have proven their ability to autonomously self-heal themselves, earning the trust of CIOs and CISOs, who are adopting Absolute to alleviate costly network interruptions and potential breaches in the process. 19% of endpoints across a typical IT network require at least one client or patch management repair monthly, according to Absolute’s 2019 Endpoint Security Trends Report. The report also found that increasing security spending on protecting endpoints doesn’t increase an organizations’ safety – and in some instances, reduces it. Having a systematic, design-in solution to these challenges gives CIOs, CISO, and their teams greater peace of mind and reduces expensive interruptions and potential breaches that impede their organizations’ growth.

For more on coming endpoint security trends, download our 2019 Endpoint Security Trends Report.

Schools Under Cyber Siege Need a Path to Resilience

Originally published in THE Journal.
Just as the school year kicked off, families on opposite sides of the U.S. faced temporary school closures. Mother Nature was responsible for some. But not all. While several southeastern states dealt with the effects of Hurricane Dorian, across the country, one Arizona city encountered a very different type of scare. Cybercriminals waged a ransomware attack on the Flagstaff Unified School District, forcing a two-day shut down for 15 schools serving almost 10,000 students.
Flagstaff is far from alone. In July and August, 2019, the number of publicly disclosed security incidents in K-12 schools reached 160 — exceeding the total of all incidents experienced in 2018 by an incredible 30 percent. Nearly 50 school districts and colleges have been hit with ransomware so far in 2019 ranging in nature from disruptive, as in the case of the Flagstaff two-day closure, to catastrophic, which describes the scene in Louisiana when the governor recently declared a state of emergency following “severe, intentional security breaches” on school computer systems.
The Education Sector is Facing a Crisis
It’s one thing for impassible roads to hit pause on a school schedule. It’s an entirely different and unacceptable scenario when cyber extortion not only gets in the way of educating our youth but puts data pertaining to their health, academics and social development at risk of exposure and compromise — not to mention the public funds that are flushed away to ransom payments and cleanup efforts. Yet here we are, co-existing with cybercrime as the new normal and witnessing escalating ransomware attacks turn schools into the second-largest victims of all sectors.
The pace of growth of the “digital school district” continues to climb given the many benefits technology brings to students and educators. Funding for educational technology has increased by 62 percent in the last three years, and the new U.S. Digital Equity Act proposes to commit federal dollars to bring even more tech to the classroom. And while the many benefits of the digital classroom are clear, this rapid growth, combined with complexity and the continued restricted budgets for management, make our schools and our students increasingly vulnerable.
When Complexity and Risk Plague Today’s Digital Classroom, Resilience Matters
Technology is no doubt an asset, though we need to acknowledge not just the risks to student safety and privacy it poses, but also the complexity that IT folks have to wrangle. Education IT leaders once responsible for a few hundred devices, a few dozen apps and a single network have now found themselves managing tens of thousands of devices (as 82 percent of schools now provide students with them), hundreds of apps, and a distributed set of users accessing unknown networks — all with limited resources and budget in most cases. Meanwhile, by clicking on one bad link on a school-issued device, a student can become a conduit for a ransomware attack.
As endpoint and environmental complexities increase, and risk alongside them, it’s no surprise that 68 percent of education IT leaders in the U.S. list cybersecurity as their top priority. In tandem, several state governments, including Louisiana, Texas and North Dakota, have stepped up their efforts to safeguard schools against cyberattacks with various measures such as cyber policy mandates, cyber commission formation and state IT department oversight for schools.
For policymakers, educational institutions and their IT leaders, and even concerned parents, collaborative cybersecurity efforts should rally around the concept of resilience, or the ability to bounce back. Here are three steps to get on the path to cyber resiliency:

Battle the false sense of security. Millions of dollars of public funds are invested in applying security controls in schools — giving parents and educators a false sense of security. Many of these controls are fragile or by-passable — meaning that without consistent monitoring, you may be more exposed than you think. Make the most of the tools you already have and spend your budget on more impactful projects. Ask the question, “Are the controls we already have in place functioning at all times?”. Security controls cannot protect you when they are taken offline by wiley students, or bypassed. Foundational device controls include, at a minimum, anti-malware, encryption, authorized VPN, patch/client management, and web-filtering/firewalling on the client — and all need to be based on a platform that enable visibility and resilience for IT.
Strengthen your immune system. In the complex world of endpoint security, increased security spending does not equate to increased safety any more than taking more vitamins guarantees you will never get the flu. In fact, every additional security tool, while adding protection, also increases the complexity on the endpoint and therefore the probability of failure as agents. A recent Absolute study reveals that schools that have encryption in place experience agent failures on an average of nine devices per day — almost half of which never recover, leaving students and staff at risk of potential data breaches. In order to protect your students, your data and your investment, ensure you have fundamental controls activated to gain a persistent connection to each device — on or off the school network. It’s only then that you can repair or replace critical apps that have been disabled or removed.
Make cybersecurity the air students breathe. Creating a culture of online security and open communication about online threats is not just good practice, it’s an ethical responsibility. Turn it into a game; teach students what attackers do, test them on practical examples, and give each of them a sense of achievement when they win. Yammering on about ransomware crippling the school or how awful an attack would be for their district is unlikely to stop an 11-year-old trying to circumvent security policies. Let them know what villains may try to do, and challenge them to step up and help stop them. Provide a means for them to report suspicious online behavior without fear of punishment. Make them the hero of the cyber resilience story.

The pace of ransomware attacks on schools in 2019 suggests another victim will feel imminent pain and, as such, the urgency to heed these steps cannot be overstated. It’s a tricky balance but doable to enable the digital classroom to thrive, while also protecting student safety and privacy.

Improving Endpoint Security Needs to Be a Top Goal in 2020

This was post was originally published in Forbes Magazine.
Bottom Line:  Attacking endpoints with AI, bots, and machine learning is gaining momentum with cybercriminals today with no signs of slowing down into 2020, making endpoint security a must-have cybersecurity goal for next year.
Cyberattacks are growing more complex and difficult to prevent now and will accelerate in the future, making endpoint security a top goal in 2020. Cybercriminals are using structured and unstructured machine learning algorithms to hack organizations’ endpoints with increasing frequency. Endpoint attacks and their levels of complexity will accelerate as cybercriminals gain greater mastery of these techniques.
In response, endpoint protection providers are adopting machine learning-based detection and response technologies, providing more cloud-native solutions that can scale across a broader range of endpoints, and designing in greater persistence and resilience for each endpoint. The recent IDC survey published this month, Do You Think Your Endpoint Security Strategy Is Up to Scratch? completed in collaboration with HP recommends that “companies should seek to build resilience — on the assumption that breaches are inevitable — and look for “security by design” features that facilitate or automate detection and recovery.” IDC surveyed 500 senior security executives globally, finding major differences between leading organizations who realize endpoint security is essential for a unified cybersecurity strategy and followers, who don’t.
What Differentiates The Most Effective Endpoint Strategies?
IDC’s study found that leaders who integrate endpoint security into their cybersecurity plans are more effective at compliance reporting, endpoint hardening, and attack detection and response. Leaders capitalize on the data from their endpoint security strategies, creating contextual intelligence that helps protect their most vulnerable threat surfaces. The following are key insights from the IDC study showing why endpoint security needs to be an integral part of any corporate-wide cybersecurity strategy:

6% of all enterprises globally consider endpoint security to be a significant component of their overall cybersecurity strategy, with leaders 2X as likely to consider it a high priority.Close to half of all enterprises (49.4%) believe endpoint security can perform effectively as a secondary component. IDC found that the lesser the priority security leaders place on endpoint security, the more likely endpoints will fail. Instead of taking a strategic approach, organizations treat endpoint security as an isolated strategy, adding an average of 10 security agents per device according to Absolute’s 2019 Endpoint Security Trends Report. You can get a copy of the report here. Cybersecurity leaders realize that having a unified endpoint security strategy designed for persistence and resilience is far more effective than relying on an isolated one. The following findings from the IDC report illustrate how leaders view endpoint as integral to their cybersecurity strategies.
When enterprises are complacent about endpoint security, procurement standards become mediocre over time and leave digital businesses at greater risk. Followers lack security focus for everything other than desktops during procurement, for example. Though most enterprises include security requirements in procurement requests, those requirements are not specified equally for all endpoint device types, resulting in uneven security coverage and compliance risk.

IDC, DO YOU THINK YOUR ENDPOINT SECURITY STRATEGY IS UP TO SCRATCH? OCTOBER 2019

Automated operating system image recoverability, detect and recover firmware integrity breaches, and enabling software monitoring from the hardware level are the three most in-demand endpoint security features for enterprises today. Leader enterprises have relied on persistent connections to every endpoint in a network to achieve greater resilience across their global networks. Absolute is working to change this relationship, allowing remote, disconnected endpoints to remain resilient, which reflects what leaders are looking for in terms of greater control and visibility for every threat surface or endpoint. Senior security leaders, including CISOs, are taking a more integrated approach to endpoint security by designing in persistence to the device level that thwarts breach attempts in real-time. Absolute is working to change this relationship, allowing remote, disconnected endpoints to remain resilient.

IDC, DO YOU THINK YOUR ENDPOINT SECURITY STRATEGY IS UP TO SCRATCH? OCTOBER 2019

Enterprises who are cybersecurity leaders most value a device’s built-in security features when evaluating PCs, laptops, and mobile devices while followers value this feature least.33% of enterprises who are leaders prioritize devices that have built-in security capabilities that immediately provide persistent connections across the network, enabling greater resiliency. The study also makes the point that endpoint security needs to be tamper-proof at the operating system level, yet be flexible enough to provide IT and cybersecurity teams with device visibility and access to modify protections. One of the leaders in this area, Absolute, has invented endpoint security technology that begins at the BIOS level. There are currently 500M devices that have their endpoint code embedded in them. The Absolute Platform is comprised of three products: Persistence, Intelligence, and Resilience—each building on the capabilities of the other. The following graphic from the IDC study illustrates the stark contrast between enterprises who are cybersecurity leaders versus followers when it comes to adopting build-in security capabilities to harden endpoints across their networks.

IDC, DO YOU THINK YOUR ENDPOINT SECURITY STRATEGY IS UP TO SCRATCH? OCTOBER 2019
Conclusion
When 70% of all breaches originate at endpoints, despite enterprise IT spending more than ever in cybersecurity, it’s a clear sign that endpoint security needs to be an integral part of any cybersecurity strategy. On average, every endpoint has ten security agents installed, often leading to software conflicts and frequent endpoint encryption failures. Absolute’s latest study found that over 42% of endpoints experience encryption failures, leaving entire networks at risk from a breach. They’re most commonly disabled by users, malfunction, or have error conditions or have never been installed correctly in the first place. Absolute also found that endpoints often failed due to the fragile nature of their encryption agents’ configurations. 2% of encryption agents fail every week, and over half of all encryption failures occurred within two weeks, fueling a constant 8% rate of decay every 30 days. 100% of all devices experiencing encryption failures within one year. Multiple endpoint security solutions conflict with each other and create more opportunities for breaches than avert them. These are just a few of the many factors that make improving endpoint security a top goal all enterprises need to achieve in 2020.
 
 
 

Absolute CEO Christy Wyatt Recognized as Top 50 Women Leaders in SaaS of 2019

This week, The Software Report released their Top 50 Women Leaders in SaaS of 2019. It’s a distinguished group and their list of accomplishments across the software industry is both impressive and inspiring. We’d like to congratulate all the 2019 leader awardees and give a special shout out to one honoree in particular – our CEO Christy Wyatt.

Christy’s first-position ranking comes as a result of her ‘dedication to solving Absolute customers’ greatest enterprise resiliency challenges’ and long pedigree of leadership roles across the software industry. Congratulations to everyone on the Top 50 and our own Christy Wyatt!
Read the full list here.

It’s Time To Solve K-12’s Cybersecurity Crisis

This post was originally published in Forbes magazine by Louis Columbus.

There were a record 160 publicly-disclosed security incidents in K-12 during the summer months of 2019, exceeding the total number of incidents reported in all of 2018 by 30%.
47% of K-12 organizations are making cybersecurity their primary investment, yet 74% do not use encryption.
93% of K-12 organizations rely on native client/patch management tools that have a 56% failure rate, with 9% of client/patch management failures never recovered.

These and many other fascinating insights are from Absolute’s new research report, Cybersecurity and Education: The State of the Digital District in 2020​, focused on the state of security, staff and student safety, and endpoint device health in K-12 organizations. The study’s findings reflect the crisis the education sector is facing as they grapple with high levels of risk exposure – driven in large part by complex IT environments and a digitally savvy student population – that have made them a prime target for cybercriminals and ransomware attackers. The methodology is based on data from 3.2M devices containing Absolute’s endpoint visibility and control platform, active in 1,200 K-12 organizations in North America (U.S. and Canada). Please see full report for complete details on the methodology.
Here’s the backdrop:

K-12 cybersecurity incidents are skyrocketing, with over 700 reported since 2016 with 160 occurring during the summer of 2019 alone. Educational IT leaders face the challenge of securing increasingly complex IT environments while providing access to a digitally savvy student population capable of bypassing security controls. Schools are now the second-largest pool of ransomware victims, just behind local governments and followed by healthcare organizations. As of today, 49 school districts have been hit by ransomware attacks so far this year.

“Today’s educational IT leaders have been tasked with a remarkable feat: adopting and deploying modern learning platforms, while also ensuring student safety and privacy, and demonstrating ROI on security and technology investments,” said Christy Wyatt, CEO of Absolute.
Research from Absolute found:
K-12 IT leaders are now responsible for collectively managing more than 250 unique OS versions, and 93% are managing up to five versions of common applications. The following key insights from the study reflect how severe K-12’s cybersecurity crisis is today:

Digital technologies’ rapid proliferation across school districts has turned into a growth catalyst for K-12’s cybersecurity crisis. 94% of school districts have high-speed internet, and 82% provide students with school-funded devices through one-to-one and similar initiatives. Absolute found that funding for educational technology has increased by 62% in the last three years. The Digital Equity Act goes into effect this year, committing additional federal dollars to bring even more technology to the classroom. K-12 IT leaders face the daunting challenge of having to secure on average 11 device types, 258 unique operating systems versions and over 6,400 unique Chrome OS extensions and more, reflecting the broad scale of today’s K-12 cybersecurity crisis. Google Chromebooks dominate the K-12 device landscape. The following graphic illustrates how rapidly digital technologies are proliferating in K-12 organizations:

42% of K-12 organizations have staff and students regularly bypass security endpoint controls using web proxies and rogue VPN apps, inadvertently creating gateways for malicious outsiders to breach their schools’ networks. Absolute found that there are on average 10.6 devices with web proxy/rogue VPN apps per school and 319 unique web proxy/rogue VPN apps in use today, including “Hide My Ass” and “IP Vanish.”  Many of the rogue VPN apps originate in China, and all of them are designed to evade web filtering and other content controls. With an average of 10.6 devices per school harboring web proxies and rogue VPN apps, schools are also at risk of non-compliance with the Children’s Internet Protection Act (CIPA).

While 68% of education IT leaders say that cybersecurity is their top priority, 53% rely on client/patch management tools that are proving ineffective in securing their proliferating IT infrastructures. K-12 IT leaders are relying on client/patch management tools to secure the rapidly proliferating number of devices, operating systems, Chrome extensions, educational apps, and unique application versions. Client/patch management agents fail 56% of the time, however, and 9% never recover. There are on average, nine daily encryption agents’ failures, 44% of which never recover. The cybersecurity strategy of relying on native client/patch management isn’t working, leading to funds being wasted on K-12 security controls that don’t scale:

“Wyatt continued, this is not something that can be achieved by simply spending more money… especially when that money comes from public funds. The questions they each need to be asking are if they have the right foundational security measures in place, and whether the controls they have already invested in are working properly. Without key foundational elements of a strong and resilient security approach in place – things like visibility and control, it becomes nearly impossible to protect your students, your data, and your investments.”
Providing greater device visibility and endpoint security controls while enabling applications and devices to be more resilient is a solid first step to solving the K-12 cybersecurity crisis. Thwarting the many breach and ransomware attacks K-12 organizations receive every day needs to start by considering every device as part of the network perimeter. Securing K-12 IT networks to the device level delivers asset management and security visibility that native client/patch management tools lack. Having visibility to the device level also gives K-12 IT administrators and educators insights into how they can tailor learning programs for broader adoption. The greater the visibility, the greater the control. K-12 IT administrators can ensure internet safety policies are being adhered to while setting controls to be alerted of a suspicious activity or non-compliant devices, including rogue VPNs or stolen devices. Absolute’s Persistence platform provides a persistent connection to each endpoint in a K-12’s one-to-one program, repairing or replacing critical apps that have been disabled or removed.
You can download the full Absolute report here.

Loading

Categories