Lee Wrall, Director and Co-founder of Everything Tech, outlines some of the ways IT managers can better manage their endpoint protection such as updating antivirus programs and moving to the cloud.
Whether it’s connected to fixed servers which hold your business’ data or it reaches up into the cloud for the good stuff that keeps your enterprise ticking over, the importance of an endpoint that’s secure can never be overstated.
Install, protect, repeat
The best practice ways of doing this are now second nature to so many of us – on both our work computers in the office and our personal computers at home – that we can almost recite them off by heart. We know that antivirus and anti-malware software needs to be downloaded and that not doing so really is a case of not having the absolute most basic protection. But mere downloading isn’t enough. As threats develop, so does the software that deals with them, so it’s vital to install updates on your antivirus programs as and when they’re released.
Similarly, patch management is important too. As its name suggests, a patch covers a vulnerable area, in this case an opening which might let bad guys into your systems. As a Managed Service Provider (MSP), we regularly adopt clients without patch management and find servers and endpoints which have not been updated in years; the result is that the patch only covers a small area that’s now dwarfed by the hugely increased vulnerability.
In busy working lives, it can be easy to put off the importance of updating any security software or installing a patch in favour of sending that email or updating that spreadsheet. That’s why every computer in our estate receives a pop-up notification once a week saying that updates are available and gives the option to install them. Critically, a user can only reject the chance to install the updates 10 times before the system seizes the initiative and installs them of its own accord, forcing a restart to make sure the changes are applied.
Not just computers
With so much focus on computers in the workplace, it’s easy to overlook another endpoint. A smartphone is nothing if it’s not essentially a handheld computer, so mobile device management is just as important. If an employee has a work phone that contains all kinds of secrets, then leaves your company to join a competitor and takes the phone with them, you as their previous employer still have a comeback. Good mobile device management means that your company should be able to delete any classified information from the phone without the user’s knowledge, before they get to spill the beans at their new workplace.
It’s therefore important to remember that an endpoint is simply any device on which an employee conducts any of the daily tasks that make up their role. The updates you might receive on a smartphone are the perfect illustration of their importance. Apple pushes updates through in the small hours as the phone remains plugged in next to the bed, waiting for its role as an alarm clock. There’s a reason why the update has been released and the tech giant isn’t about to let you go about your business without it.
Be aware of entry points
Leaving an endpoint unsecured obviously leaves a system open to attack, be it a virus or malware breach. It doesn’t even have to be a glaringly obvious entry point in order for those intent on causing distress and disruption to find their way into a network. This was recently the case with some hackers who found a way into a piece of software that most office workers use without a second thought on every single working day of their lives.
Employees use Microsoft Word to write short documents but possibly aren’t aware of its many macros, which execute code. It was one of these that was exploited, as the hackers zoned in on a way to abuse a feature of the Help function and inject code into the system. Microsoft was quick to respond and developed a patch that covers the vulnerability, but if patch management isn’t in place for a user, the issue could remain as well as develop further.
Once hackers have gained entry into a system, a ransomware attack is the likeliest outcome. This will be disastrous for an enterprise and often originates in shared resources, the vast majority of which affect the many and not the few and which are understood by only limited numbers in the organisation. This means they can be breached without most employees noticing.
As it searches mapped drives, the ransomware looks for files that are utilised by more than one person. The hackers understand that so many of the files on drives like these aren’t used by most people that, by the time anyone notices, it’s far too late. The person who let the bug into the system by not applying a patch or updating their antivirus software almost certainly won’t find out what’s happened until someone else does.
That’s why continual and consistent training of staff is crucial in the cybersecurity fight. Making sure they’re aware of vulnerabilities, hackers and their fiendish methods of getting into systems is half the battle won.
IT managers can also consider migration to the cloud as a way of protecting endpoints and also driving down costs. If the endpoint is simply a pane of glass that displays information that’s held securely elsewhere by way of logging into a web portal, hardware does not need to be top-of-the-range. Cloud computing guards against the devastating results of a computer or server containing sensitive data saved locally being stolen or compromised in another way. Combining a virtual desktop with Two-Factor Authentication makes your systems and what’s kept in them considerably more secure.
Managing endpoint protection in this way also brings the fringe benefit of enabling flexible working, which is now hugely in demand in the post-pandemic job market. There’s also the ease of adding additional server capacity as your enterprise grows too.