Endpoint Security Is More Important Than Ever

Many employees around the world have spent a year forced to operate from home, and many will continue to do so after the pandemic has abated. Global Workplace Analytics, for example, predicts that 25%-30% of employees will still be working multiple days a week from home by the end of 2021.
 
If there is anything positive that can be taken from Covid-19, it is that remote working can be productive.
 
But there has been an inevitable downside of the mass adoption of remote working. Cyber criminals have realized that remote workers are no longer as well protected as on-premises office workers. According to research by YouGov, 54% of IT decision makers have seen a higher number of phishing attacks, and 45% saw evidence of printers being compromised as attack points. 

This article explores why endpoint security is more important now than ever to protect remote workers and IT professionals.

Blurred lines
 
A major problem is how the line is blurred between work and personal lives when working from home. According to YouGov research, 76% of office workers felt this blurring of their lives, 46% used their work laptop for personal activities, and 30% even let someone else use their work device - perhaps a child doing schoolwork from home. While the employee might be conscientious about avoiding phishing attacks, other family members won’t be, and all it takes is one lapse and a system could be compromised. You can’t put all the blame on employees working from home for this, though. Instead, it puts the onus on the device they are using itself.
 
Research by YouGov has shown that 91% of IT decision makers believe endpoint security is at least as important as network security.
 
Weak systems
 
Once a system used for work has been infected, it can be used to mount attacks on other employees within the company. The email contacts address book could be accessed and phishing emails sent from the infected system. Other employees will be far more susceptible if they think messages are coming from a legitimate source within the company, which could then mean the whole workforce becomes infected, enabling a mass ransomware attack. Printers could also be susceptible to internal attack once cyber-criminals have access to computers that provide remote access.
 
Anatomy of Endpoint Security
 
Many vendors offer endpoint protection platforms (EPPs) that combine different kinds of functionality, including a firewall, data, email and disk encryption (data at rest and in motion) as well as endpoint configuration and management (down to individual devices). Scanning incoming files for viruses and other malware (advanced antivirus) and endpoint threat protection are also key features. Many providers also offer endpoint detection and response (EDR, which may be broken out separately), threat forensics, data classification and loss prevention, insider threat protection, behavioral analysis, centralized administration and security policy enforcement.
 
A Complex Landscape
 
As the threat landscape has continued to get more complex, so have endpoint security products. One of the reasons vendors have taken a platform approach is so security organizations can have visibility across the different type of security tool types, unlike a collection of point solutions that weren't designed to work together.
 
Another benefit of EPPs is their ability to support the different types of endpoints as opposed to just supporting PCs, mobile or IoT/IIoT, for example. That way, if a threat appears via one device, the platform aggregates the threat information so it applies to all endpoints, not just the type that was attacked.
 
Similarly, though EPPs are available as a cloud or on-premises solution, a cloud solution enables the most up-to-date threat information to be shared across all of a vendors' customers. In fact, Gartner estimates that more than 95% of EPP purchases will be cloud-based by 2023.
 
Conclusion
 
There will be a lot more employees working from home post pandemic, and that has potential to be a positive change. Employees can more easily fit work and life together, without any noticeable drop in productivity. With the right computing safety precautions, one of the biggest downsides of remote working can be mitigated. That way, this brave new world of more flexible working can be a win-win for employer and employee alike.
 
Eileen Harrison is a technical writer for Lucky Assignments.
 
You Might Also Read:
 
Bad Cyber Security Behavior At Home Risks Being Taken Back To Work:
 
 
« Cyber Operations In Wartime
Japan’s New Cyber Security Strategy »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Alliance for Cyber Security (ACS)

Alliance for Cyber Security (ACS)

An alliance of all major players in the field of cyber security in Germany with a mission to strengthen Germany’s resistance to cyber-attacks.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

SecuLution

SecuLution

SecuLution is an Antivirus product using Application Whitelisting which offers much more protection than Virus Scanners ever can.

Vesta

Vesta

Vesta Corporation is a global provider of a scalable suite of fraud and payment solutions for online commerce.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

International College For Security Studies (ICSS)

International College For Security Studies (ICSS)

ICSS India offers technical education to students, clients and partners in IT Industry by our well qualified, certified and experienced trainers.

FINX Capital

FINX Capital

FINX strives to solve the cybersecurity issues with its proprietary technolog, FINX SHIELD, by utilizing big data, blockchain combined with artificial intelligence.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Polygraph

Polygraph

Polygraph monitors the activities of click fraud gangs, including how they operate, who they target, the techniques they use, and how to detect their fraud.

Nuance Communications

Nuance Communications

From revolutionizing the doctor-patient relationship to reinventing the way brands connect with their customers, Nuance technology helps organizations push the boundaries of what’s possible.

Occentus Network

Occentus Network

Occentus Network is a telecommunications service provider specialized in High Availability Servers & managed Cloud services.

HADESS

HADESS

We are "Hadess", a group of cyber security experts and white hat hackers.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

CyberSanctus

CyberSanctus

CyberSanctus provide clients with a variety of pentest plans from the entry level starter plan, which is tailored for personal websites, to enterprise level pentests, tailored for large scale business

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.