By Ashley Leonard, CEO, Syxsense
Endpoint security continues to be more challenging and complex as workplace environments hybridize and evolve. In fact, research shows that 68% of organizations have experienced one or more endpoint attacks that compromised data and/or their IT infrastructure. The same percentage of organizations also found a rise in frequency of endpoint attacks over the last year. These statistics show not only the growth in attacks, but also that the variance and complexity of these attacks are rapidly changing year over year. As a result, it’s never been more critical to manage and secure your endpoints. But with everyone talking about complexity (of attacks and solutions), what are some steps you can take to simplify the process?
Endpoints are the gateway that attackers use to access company data. Leaving them unprotected exposes your organization to risk and potential attack, not to mention financial, reputational, and legal consequences. Creating an endpoint security strategy starts with adopting consistent approaches to protection. While the best way to achieve that is with continuous threat monitoring, detection, and automation of critical endpoint security tasks, there are some simple steps you should be taking – with or without an endpoint security solution in place. Let’s dive in.
- ABP = Always Be Patching
Managing software updates — and specifically patching endpoints — helps secure an organization from known threats. A recent study showed that 60% of breach victims cited a known but unpatched vulnerability, where the patch was available but had not been applied, as the reason for a breach. This lack of action often stems from the sheer volume of emerging attacks combined with the large number of patches being released across today’s IT ecosystem, and a lack of a comprehensive patching strategy.
The appearance of new endpoint types, such as Internet of Things (IoT), Bring Your Own Device (BYOD), and other operating system and software vulnerabilities, has resulted in a tidal wave of patch releases over the last 5 years. Staying ahead of threat actors means patching all the time.
- Seek Out All Endpoints
Think about a company network and how many endpoint devices there are. Hundreds? Thousands? Tens of thousands? Endpoint compromise accounts for most of today’s security breaches. In fact, estimates put the number around 70 percent. If you can’t identify and track these devices, how can you secure them? The easiest way to do so is with a comprehensive discovery and configuration compliance audit. This process can have multiple steps, but it typically involves:
- Discovering and taking a thorough inventory of all hardware, such as servers, laptops, virtual machines, mobile and networking devices.
- Ensuring all systems are configured in line with applicable compliance standards and internal security policies.
- Continuously monitoring those configurations for inappropriate or unwanted changes and mitigating configuration drift.
Ensuring you have a running tally of your endpoints is critical to securing them.
- Stay Current on Innovations
Hackers and threat actors are constantly upgrading their technology and approaches. To stand against them, you and your organization must do the same. Whether utilizing patching, compliance, or security solutions (or better yet, all of those in a single platform), it’s important to regularly evaluate new technology innovations. Advancements around automation, machine learning and more, are streamlining endpoint security, reducing the false positive rates, and enabling IT and security teams to do more with less resource.
- Be Active
All quality security programs require both a proactive and reactive approach to endpoint vulnerabilities. One key proactive approach is the continual active scanning of network devices to identify weak points, misconfigurations, and vulnerabilities. This means testing for vulnerabilities from both outside and inside the network to ensure robust visibility, which can expose open ports, disabled firewalls, or issues with antivirus. This is also important for companies that need to meet government and industry compliance or regulatory policies.
Once vulnerabilities are detected (e.g., missing patches, faulty configuration, or out-of-compliance devices) they must be remediated quickly. Finding an endpoint security solution that integrates with a SOAR (Security, Orchestration, Automation and Response) solution can enable process remediation for large groups of devices without the typical manual workload.
- Make It a Priority
Endpoint security should be a priority – dare we say even higher priority than the “protect the perimeter” firewall strategy? In many ways, individual endpoints have become the perimeter of the network. But for many organizations it’s not. Endpoint security doesn’t just protect a business — it preserves their reputation, reassures customers, and streamlines business processes. Without the necessary prioritization that cybersecurity demands, your endpoint security endeavors will likely fall short. Need executive buy-in? Consider running these facts by leadership:
These are just a few simple steps and insights to help get your organization on track with endpoint security. As consolidation continues across the security industry, solutions are emerging that deliver comprehensive endpoint security, patch management, and compliance, in a single platform. To truly protect against the rising endpoint threat, organizations must look to leverage these powerful new solutions.
About the Author
Ashley Leonard is the President and CEO of Syxsense—a global leader in Unified Security and Endpoint Management (USEM). Ashley is a technology entrepreneur with over 25 years of experience in enterprise software, sales, marketing, and operations, providing critical leadership during the high-growth stages of well-known technology organizations.
Ashley manages U.S., European, and Australian operations in his current role, defines corporate strategies, oversees sales and marketing, and guides product development. Ashley has worked tirelessly to build a robust, innovation-driven culture within the Syxsense team while delivering returns to investors.
Ashley has founded several successful technology companies, including NetworkD Inc., with operations in 7 countries. NetworkD made several strategic international acquisitions and then completed a successful exit to Sparxent in 2008. In 2012 he founded Verismic Software and launched Syxsense in 2019.
Ashley serves on several boards and acts as a mentor to up-and-coming technology CEOs through his membership in the Young Presidents Organizations (YPO). He served as Orange County chair for two years. Ashley also served as Area Chair for YPO Pacific Region and was host city partnership chair for the 2020 YPO Global EDGE conference in San Diego, CA, welcoming over 3,000 of the world’s top CEOs.
Ashley was a finalist for Ernst & Young’s “Entrepreneur of The Year” and AeA’s “Outstanding Private