could have dozens of devices in the form of desktops, mobile
devices, routers, and even smart appliances as part of its IT
infrastructure.
Unfortunately, each of these endpoints can now be a weak link
that hackers could exploit. Hackers constantly probe networks for
vulnerable endpoints to breach.
For example, systems and applications that are configured using
recycled user names and passwords can easily be hacked given the
availability of leaked credentials online.
Password management service LastPass noted that 59% of
users[1] use the same password
for multiple accounts.
Malware and malicious processes may also target workstations.
Cybersecurity firm Symantec found a 1,000 percent increase in
PowerShell script attacks in 2018. These attacks use cleverly
disguised malicious processes that appear legitimate at a cursory
glance. This is why IT security
career[2] is fast evolving into a
huge market.
However, because of the number of devices in workplaces, keeping
networks safe from hackers has become quite a massive undertaking.
Fortunately, organizations now have access to a variety of tools
that help mitigate these threats such as endpoint management
solutions.
Diane Rogers, Product Manager for Realtime Security of Cloud Management
Suite[3], shares:
“It only takes one compromised endpoint to bring a whole network
down. Even for smaller businesses, the loss of data, theft of
intellectual property, and downtime could cost tens of thousands of
dollars to deal with.”
“This doesn’t even include potential losses from government fines
and negative publicity. Therefore, it’s critical for administrators
to have control over the devices connected to their networks. One
way they could do this is through effective endpoint management.”
workplace’s IT.
1 – Device audits
IT teams should know exactly what hardware and software comprise
their infrastructure. But thanks to the surge in the cloud and
mobile computing adoption, there’s now what’s called a “shadow
IT[4]” in workplaces comprised
of unsanctioned applications and devices that workers use.
Using endpoint management solutions, IT teams can automatically
discovery all devices connected to the network, their
specifications, and the systems and software that run on them.
Having this list allow administrators to review and vet these
applications and devices to see if they are free from risks. This
way, administrators can then restrict and regulate the use of these
technologies.
Audit results can also be collected over time. Audit histories
can be used to check and verify the changes that happen to the
network including the potential loss and theft of devices.
2 – Process tracking and termination
Hackers continue to use social engineering attacks such as phishing
to trick users into downloading and installing malicious scripts to
their devices that are designed to steal information, cause
disruption to operations, or destroy data across the network.
Users may not be aware if their devices are already compromised
as many of these malware are designed to run silently in the
background.
By enabling remote access to endpoints, system administrators
can review active processes and readily terminate dubious ones.
3 – Automated patch deployment
Fortunately, developers continuously release updates to fix bugs
and flaws in their products and services. Previously,
administrators have to judiciously keep track of security and
update bulletins to know if there are new patches that need to be
downloaded and deployed.
Today, endpoint management solutions can automatically detect
available firmware and software updates for each device connected
to the network.
These patches can also be automatically deployed across devices
including to Internet-of-Things devices. Updates can be performed
as soon as fixes become available even during off-hours, minimizing
the IT team’s workload and the downtime caused by patching.
4 – Accurate information and real-time action
System administrators must also be able to decide immediately on
what actions to take should threats manifest themselves. Endpoint
management solutions can reference audit results to identify which
endpoints are affected.
By having the most up-to-date information about the system,
administrators would also be able to recommend the right actions to
decision makers.
For instance, critical vulnerabilities without available fixes
may require affected endpoints to be taken offline.
Through audits, administrators and decision-makers would have
the information they need to assess the impact on the business end
such as the number of potential workstations affected and expected
downtime. Knowing these, they could work on contingencies.
Cloud Management Suite, for instance, enhances administrators’
capabilities to monitor and respond to threats.
The platform provides absolute real-time visibility of devices,
allowing IT teams to instantly check affected endpoints based on
audit histories and timely patch reports.
This way, administrators can perform immediate actions to remedy
vulnerabilities.
The platform even features voice and artificial
intelligence-powered controls that allows administrators to issue
human language instructions which further simplifies threat
response.
Covering all bases
These said, securing workplace IT requires more than just endpoint
management. This should be combined with other measures such as
using firewalls, identity management, and data protection.
Workplaces should also educate end users regarding the proper
use of IT resources and how to avoid social engineering
attacks.
But by using comprehensive management solutions, administrators
would be able to cover the many bases required to keep their
workplaces’ endpoints secure.
References
- ^
59% of users
(blog.lastpass.com) - ^
IT security career
(techtheday.com) - ^
Cloud Management Suite
(www.cloudmanagementsuite.com) - ^
shadow IT
(channels.theinnovationenterprise.com)
Read more http://feedproxy.google.com/~r/TheHackersNews/~3/hOSV3tmLjnY/endpoint-management-cybersecurity.html