The emergence of Advanced Persistent Threats (APTs), zero-day vulnerability exploits, and the ever-present threat posed by arguably the most dangerous of adversaries, the organization’s own users, continue to poke new holes in even the most well-laid security architectures. While the tools that attempt to keep data and other assets safe are doing their best to keep pace, malicious software, and the people behind it, continue to find ways to avoid detection by, circumvent, or even subvert an organization’s perimeter and endpoint defenses.
With the ever-evolving threat landscape, and the dissolution of the notion of a “perimeter” that can be managed, it’s time to look to a new security framework to better defend your endpoints. Info-Tech Research Group recently put together a whitepaper, The Foundation of Next-Gen Enterprise Security is Embedded in your Endpoints, outlining the latest research from Elliot Lewis, a former Merrill Lynch CISO and Lead Analyst at Info-Tech Research Group. The research answers questions about:
- How much risk is out there?
- How to build a security house based on Info-Tech’s information security framework, which includes advice on technology and governance layers
- The value of a secure foundation
- The difference between embedded versus installed software
- What the key considerations are in activating a firmware-based security solution
We worked closely with Info-Tech Research Group to supply some insight into the state of endpoint security. For example, anonymized data extracted from our unique Endpoint Data Discovery (EDD) solution shows that 27% of devices contain at least one record containing sensitive data; in many cases, these devices contained thousands or even millions of records.
Following the same advice as our own experts, the Info-Tech Research Group advocates for a layered defense, laid out as a “security house.”
The framework is laid out as a security house, and much like in an actual home, the assets inside warrant the highest levels of protection. The doors and windows are sealed and encrypted with anti-intrusion measures, the multi-lock system requires coordinated authentication factors, and a surveillance system provides immediate alerts of any incidents or events that indicate a compromise.
The important note is that each of these measures is designed to work together to maximize data security. The concept of a “zero-trust” model is explored, given the risks associated with the compromise of a security layer at the endpoint level. A single stolen device or uninstalled security agent could topple the whole security model, so additional reinforcement is needed.
Absolute Persistence is embedded at the firmware level, the “foundation” of your security base, offering support to all the security layers built upon it. Embedded software such as Absolute DDS can bolster your existing security infrastructure with automatic re-installation of agents or security layers, remote administration of devices and active alerting, reporting and analytics. Browse the full research document, and get insights about why Absolute has been aggressively expanding our OEM partnerships to extend the benefits of firmware persistence.