Endpoint Security Is More Important Than Ever

Many employees around the world have spent a year forced to operate from home, and many will continue to do so after the pandemic has abated. Global Workplace Analytics, for example, predicts that 25%-30% of employees will still be working multiple days a week from home by the end of 2021.
 
If there is anything positive that can be taken from Covid-19, it is that remote working can be productive.
 
But there has been an inevitable downside of the mass adoption of remote working. Cyber criminals have realized that remote workers are no longer as well protected as on-premises office workers. According to research by YouGov, 54% of IT decision makers have seen a higher number of phishing attacks, and 45% saw evidence of printers being compromised as attack points. 

This article explores why endpoint security is more important now than ever to protect remote workers and IT professionals.

Blurred lines
 
A major problem is how the line is blurred between work and personal lives when working from home. According to YouGov research, 76% of office workers felt this blurring of their lives, 46% used their work laptop for personal activities, and 30% even let someone else use their work device - perhaps a child doing schoolwork from home. While the employee might be conscientious about avoiding phishing attacks, other family members won’t be, and all it takes is one lapse and a system could be compromised. You can’t put all the blame on employees working from home for this, though. Instead, it puts the onus on the device they are using itself.
 
Research by YouGov has shown that 91% of IT decision makers believe endpoint security is at least as important as network security.
 
Weak systems
 
Once a system used for work has been infected, it can be used to mount attacks on other employees within the company. The email contacts address book could be accessed and phishing emails sent from the infected system. Other employees will be far more susceptible if they think messages are coming from a legitimate source within the company, which could then mean the whole workforce becomes infected, enabling a mass ransomware attack. Printers could also be susceptible to internal attack once cyber-criminals have access to computers that provide remote access.
 
Anatomy of Endpoint Security
 
Many vendors offer endpoint protection platforms (EPPs) that combine different kinds of functionality, including a firewall, data, email and disk encryption (data at rest and in motion) as well as endpoint configuration and management (down to individual devices). Scanning incoming files for viruses and other malware (advanced antivirus) and endpoint threat protection are also key features. Many providers also offer endpoint detection and response (EDR, which may be broken out separately), threat forensics, data classification and loss prevention, insider threat protection, behavioral analysis, centralized administration and security policy enforcement.
 
A Complex Landscape
 
As the threat landscape has continued to get more complex, so have endpoint security products. One of the reasons vendors have taken a platform approach is so security organizations can have visibility across the different type of security tool types, unlike a collection of point solutions that weren't designed to work together.
 
Another benefit of EPPs is their ability to support the different types of endpoints as opposed to just supporting PCs, mobile or IoT/IIoT, for example. That way, if a threat appears via one device, the platform aggregates the threat information so it applies to all endpoints, not just the type that was attacked.
 
Similarly, though EPPs are available as a cloud or on-premises solution, a cloud solution enables the most up-to-date threat information to be shared across all of a vendors' customers. In fact, Gartner estimates that more than 95% of EPP purchases will be cloud-based by 2023.
 
Conclusion
 
There will be a lot more employees working from home post pandemic, and that has potential to be a positive change. Employees can more easily fit work and life together, without any noticeable drop in productivity. With the right computing safety precautions, one of the biggest downsides of remote working can be mitigated. That way, this brave new world of more flexible working can be a win-win for employer and employee alike.
 
Eileen Harrison is a technical writer for Lucky Assignments.
 
You Might Also Read:
 
Bad Cyber Security Behavior At Home Risks Being Taken Back To Work:
 
 
« Cyber Operations In Wartime
Japan’s New Cyber Security Strategy »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Fortress Information Security

Fortress Information Security

Fortress Information Security is one of the largest cyber security providers of supply chain risk management and vulnerability risk management in the US.

NetSPI

NetSPI

NetSPI is an information security penetration testing and vulnerability assessment management advisory firm.

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

Infinite Ranges

Infinite Ranges

Infinite Ranges delivers secure, comprehensive digital solutions by connecting experts with the best products and services for the digital age.

INVISUS

INVISUS

INVISUS protects businesses against the latest cyber risks – including business and employee identity theft, data breaches, and cybersecurity compliance.

FDD Center on Cyber and Technology Innovation (CCTI)

FDD Center on Cyber and Technology Innovation (CCTI)

The Foundation for Defense of Democracies is a nonprofit research institute focusing on foreign policy and national security. Ares of focus include cyber security and technology innovation.

Auriga Consulting

Auriga Consulting

Auriga is a center of excellence in Cyber Security, Assurance and Monitoring Services, with a renowned track record of succeeding where others have failed.

Tuta

Tuta

Tuta (formerly Tutanota) is an all-in-one email, calendar and contacts app which protects your data with full end-to-end encryption and it requires zero personal information.

Questex Asia Total Security Conference

Questex Asia Total Security Conference

Questex Asia’s Total Security Conferences is one of the industry’s most prestigious and engaging forums for the region's top information security leaders and business decision-makers.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.

Ever Nimble

Ever Nimble

Ever Nimble are award-winning experts in IT support, cybersecurity, and cloud technology. Our proactive approach will enhance your security and protect you from cyber security threats.