Recently, endpoint security solution provider Trend Micro and the Ponemon Institute surveyed over 1,000 IT professionals from enterprises of all sizes. Their comments reveal both deep anxiety and outright pessimism about their business’ endpoint perimeter security:
- 77% say they feel likely to suffer a data breach of customer data in the next 12 months.
- 80% believe they are likely to suffer a data breach of critical data (IP) in the next 12 months.
- Overall, 80% say they’ll experience one or more successful cyber attacks in the next 12 months.
This expressed cynicism about endpoint perimeter security possesses a strong basis in reality:
- According to Trend Micro, 64% of IT executives claim their internal communication became easier only after a major security event occurred.
- 44% say they struggle to translate complex cybersecurity issues to their C-suite.
- 39.7% of users never or only sometimes takes cybersecurity precautions when using a work-related endpoint, according to Morphisec Labs.
- At least one-third of enterprises experienced a cryptocurrency mining attack in 2017, according to Secureworks.
These findings only scratch the surface of the problems facing IT teams looking to fortifying their endpoint perimeter security. Yet your business can achieve a strong cybersecurity posture through a few best practices and the proper investment of time and resources.
In that spirit, we present 4 tips to improve your endpoint perimeter security
Secure the Perimeter of Non-Traditional Endpoints
While the recurring proclamation of the death of the laptop remains greatly exaggerated, the endpoint landscape continues to change. Enterprise endpoint perimeter security must also focus on fortifying a more nebulous perimeter consisting of mobile devices, the cloud, IoT devices, and other “disruptive technologies.”
This applies whether your business accepts a bring-you-own-devices culture or not. If you have any work from home policies, a hybrid or cloud-based IT infrastructure, or any connected IoT devices whatsoever, you need to make these considerations now.
Having a strong next-generation endpoint security solution certainly helps fortify an increasingly porous perimeter. However, you can also take other proactive steps:
- Mandate any device wishing to connect to the network has all of its updates and patches installed.
- Require all devices to download and activate your selected endpoint perimeter security solution before connecting.
- Work to improve your network visibility to ensure no devices connect without your knowledge (especially with IoT devices).
- Fortify your cloud databases and assets through strong identity and access management.
Work on Zero-Day Attack Prevention
In a zero-day attack, a security vulnerability or exploit occurs on the same day as the discovery of that vulnerability. Obviously, this requires solution providers and enterprises rush to solve the problem before hackers can successfully pull off their attacks.
We’ve said in previous articles enterprises can do little to prevent zero-day attacks. While preventing a zero-day attack still proves tricky, your business should do everything in its power to curtail them.
- Engaging in active threat hunting based on the alerts of your endpoint detection and response (EDR) capabilities.
- Increasing your threat monitoring efforts.
- Judiciously selecting which applications and files enter the network (and encouraging/instructing your employees to do the same)
- Actively examining your threat intelligence feeds, from both your endpoint meter security provider and through other channels.
Have an Incident Response Plan
Your employees and your IT security team constitute a large and essential part of your endpoint perimeter. After all, their actions ultimately determine the safety of the devices. If they remain unprepared for a data breach or a cyber attack, your endpoint perimeter security suffers.
However, the converse also proves true; if your employees know what to do and how to communicate during a breach, your perimeter strengthens. Therefore, you need to establish (and practice with your employees) a clear incident response plan. This must include:
- Clear lines of communication and methods of communication during a suspected data breach between employees, IT security team members, essential personnel, and victims.
- Procedures and policies to prevent further damage lost or destruction during a breach.
- Guidelines on when a data breach can be labeled contained or remediated.
Conduct Regular IT Assessments and Audits
You cannot protect what you do not see. On the other side of that maxim, you cannot protect against what you don’t know.
Therefore, your enterprise must engage in regular assessment and audits on your endpoint perimeter security. The team should draw on the latest threat intelligence and advice from cybersecurity experts while conducting these audits. These assessments should include (but shouldn’t be limited to):
- Employee participation with your endpoint perimeter security policies and platform.
- Your network visibility.
- Your minimum standards for devices connecting to the network.
- The most likely threats your enterprise faces.
- Your most vulnerable or sensitive network areas (including devices and servers).
In addition to having a next-generation endpoint perimeter security solution, these tips should help guide your decision making as you steer through the muddy waters of the digital marketplace.
- Best Books for Defending the Digital Perimeter - September 14, 2021
- Apple Vulnerability Places All of Apple iOS at Risk - September 14, 2021
- CrowdStrike Releases 2021 Threat Hunting Report from Falcon OverWatch - September 13, 2021