As we are living in a mobile world, companies must have endpoint security measures that are able to eliminate threats. However, the reality is that there are numerous challenges in implementing endpoint security. The lack of IT talents and experts in an organization or the limitation in personal computer (PC) management systems in the market are just two of the challenges. (for detail information you may read digital talent in scarce supply) If these challenges are not addressed, companies will be vulnerable to attacks.
According to Ponemon, 2017, the average total cost of a successful attack through endpoint in 2017 is over $5 million. The cost consisted of IT and end-user productivity loss (30%), system downtime (25%), theft of information assets (23%), damage to infrastructure (10%), reputation and brand damage (8%), along with lawsuits, fines and regulatory actions (4%). Based on these figures, enterprises should realize that endpoint security is just as important as the other types of security that we have discussed. Here are six steps to help your start in securing the endpoints of your organization as quoted from Tripwire and eSecurity Planet:
- Discover all devices that are connected to your company’s network. The discovery process involves monitoring for new endpoint asset connections, especially those your company does not know about. Suspicious connections could be a sign of an attacker trying to hack their way onto the corporate network.
- Take inventory of the operating system (OS), firmware and software versions running on each endpoint. They can use that information to prioritize known vulnerabilities and create a patching schedule. Your policy and procedure must enforce keeping systems on the network up to date.
- Remove and manage administrative accounts on endpoints so that it can mitigate much of the damage that an attacker can cause if they are able to compromise that endpoint.
- Monitor endpoints, files and the entire network for changes. If unknown modifications occur, use inversion of control, anomaly and behavior detection, and policy violations to determine the severity of the change and whether the affected asset has been compromised.
- Protect your endpoints by implementing these solutions, including patching; drift from “safe” baselines; device hardening; security intelligence sources, agent-based solutions and advanced authentication. With advanced authentication, attackers will not have access to complete authentication abilities, even if the password is stolen.
- Do security awareness and training on password, security, and electronic use best practices on a regular basis to minimize the possibility of attacks due to negligence.
Yes, it is important for enterprises to implement the latest security measures, especially given the fact that threats are constantly present. However, relying on technology alone is not enough. You also need competent IT talents in combating cyber-attacks that are continuously evolving. As an IT expert partner, CTI Group will help you enhancing your security from training your IT talents through our subsidiary PT Inovasi Informatika Indonesia to fully take cover your cyber security needs with support from our trusted managed security service provider PT Defender Nusantara Semesta.