Illumio today released its “Security Risks 2021: Ransomware and the Return to the Office” report. The study covers security practices for remote endpoints, revealing how vulnerable organizations are to ransomware propagating throughout the network. Further, it explores the impact of large-scale breaches.
Illumio provides visibility and segmentation for endpoints, data centers, or clouds, basing its capabilities on the Principle of Least Privilege. Additionally, it works to prevent the lateral movement of attackers across any organization.
A major thrust of the report focuses on the risks businesses face from having large swaths of their employees work from home and explores what this means as workers come back to the office part-time. The central challenge focuses on low endpoint visibility exacerbating the risk of ransomware lateral movements. For example, 59 percent of respondents are unable to see attempted connections to work laptops from other devices on the local home network. 45 percent are limited to the visibility of the VPN, while 26 percent rely on their endpoint detection and response (EDR) tools to see traffic and connections on the local home network.
Matthew Glenn, senior vice president of product management at Illumio, gave a statement on the findings. “Since the VPN cannot see home network traffic, respondents assume the visibility they get from a VPN is sufficient, when, in fact, it leaves them blind to the environment that work devices are actually running in. Devices on home networks are vulnerable to peer-to-peer and lateral attacks from unwitting family members. These vulnerable endpoints risk exposing an entire organization to systemic risk, even while workers are connected over a VPN. Once employees begin returning to the office, connecting potentially compromised devices to the corporate network will pose an even greater threat.”
Learn more about Illumio here.
- Endpoint Security Providers: Best of 2023 and Beyond - October 31, 2022
- Best Books for Defending the Digital Perimeter - September 14, 2021
- Apple Vulnerability Places All of Apple iOS at Risk - September 14, 2021