Endpoint Security Is More Important Than Ever

Many employees around the world have spent a year forced to operate from home, and many will continue to do so after the pandemic has abated. Global Workplace Analytics, for example, predicts that 25%-30% of employees will still be working multiple days a week from home by the end of 2021.
 
If there is anything positive that can be taken from Covid-19, it is that remote working can be productive.
 
But there has been an inevitable downside of the mass adoption of remote working. Cyber criminals have realized that remote workers are no longer as well protected as on-premises office workers. According to research by YouGov, 54% of IT decision makers have seen a higher number of phishing attacks, and 45% saw evidence of printers being compromised as attack points. 

This article explores why endpoint security is more important now than ever to protect remote workers and IT professionals.

Blurred lines
 
A major problem is how the line is blurred between work and personal lives when working from home. According to YouGov research, 76% of office workers felt this blurring of their lives, 46% used their work laptop for personal activities, and 30% even let someone else use their work device - perhaps a child doing schoolwork from home. While the employee might be conscientious about avoiding phishing attacks, other family members won’t be, and all it takes is one lapse and a system could be compromised. You can’t put all the blame on employees working from home for this, though. Instead, it puts the onus on the device they are using itself.
 
Research by YouGov has shown that 91% of IT decision makers believe endpoint security is at least as important as network security.
 
Weak systems
 
Once a system used for work has been infected, it can be used to mount attacks on other employees within the company. The email contacts address book could be accessed and phishing emails sent from the infected system. Other employees will be far more susceptible if they think messages are coming from a legitimate source within the company, which could then mean the whole workforce becomes infected, enabling a mass ransomware attack. Printers could also be susceptible to internal attack once cyber-criminals have access to computers that provide remote access.
 
Anatomy of Endpoint Security
 
Many vendors offer endpoint protection platforms (EPPs) that combine different kinds of functionality, including a firewall, data, email and disk encryption (data at rest and in motion) as well as endpoint configuration and management (down to individual devices). Scanning incoming files for viruses and other malware (advanced antivirus) and endpoint threat protection are also key features. Many providers also offer endpoint detection and response (EDR, which may be broken out separately), threat forensics, data classification and loss prevention, insider threat protection, behavioral analysis, centralized administration and security policy enforcement.
 
A Complex Landscape
 
As the threat landscape has continued to get more complex, so have endpoint security products. One of the reasons vendors have taken a platform approach is so security organizations can have visibility across the different type of security tool types, unlike a collection of point solutions that weren't designed to work together.
 
Another benefit of EPPs is their ability to support the different types of endpoints as opposed to just supporting PCs, mobile or IoT/IIoT, for example. That way, if a threat appears via one device, the platform aggregates the threat information so it applies to all endpoints, not just the type that was attacked.
 
Similarly, though EPPs are available as a cloud or on-premises solution, a cloud solution enables the most up-to-date threat information to be shared across all of a vendors' customers. In fact, Gartner estimates that more than 95% of EPP purchases will be cloud-based by 2023.
 
Conclusion
 
There will be a lot more employees working from home post pandemic, and that has potential to be a positive change. Employees can more easily fit work and life together, without any noticeable drop in productivity. With the right computing safety precautions, one of the biggest downsides of remote working can be mitigated. That way, this brave new world of more flexible working can be a win-win for employer and employee alike.
 
Eileen Harrison is a technical writer for Lucky Assignments.
 
You Might Also Read:
 
Bad Cyber Security Behavior At Home Risks Being Taken Back To Work:
 
 
« Cyber Operations In Wartime
Japan’s New Cyber Security Strategy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Cybersecurity and Data Protection.

StratoKey

StratoKey

StratoKey is an intelligent Cloud Access Security Broker (CASB) that secures your cloud and SaaS applications against data breaches, so you can do secure and compliant business in the cloud.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

SecLytics

SecLytics

SecLytics is the leader in Predictive Threat Intelligence. Our SaaS-based Augur platform leverages behavioral profiling and machine learning to hunt down cyber criminals.

Cyber Seguridad (Cyberseg)

Cyber Seguridad (Cyberseg)

Cyberseg provides specialized Cybersecurity services, including managed services (SOC / CERTs) and solutions for the protection of critical infrastructures.

GraVoc

GraVoc

GraVoc is a technology-consulting firm committed to solving business problems for customers through the development, implementation, & support of technology-based solutions.

Quadible

Quadible

Quadible BehavAuth is an AI-platform that continuously authenticates the users, without the need of any input, by learning their behavioural patterns.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Swascan

Swascan

Swascan is the first all-in-one, GDPR Compliant, Cloud Security Suite Platform. GDPR Assessment, Web Application Scan, Network Scan, Code Review.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

Cyber Intelligence House (CIH)

Cyber Intelligence House (CIH)

Cyber Intelligence House provides risk exposure solutions for a wide range of audiences including companies, government agencies, regulators, investors, law enforcement and consumers.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

US Department of State - Bureau of Cyberspace & Digital Policy

US Department of State - Bureau of Cyberspace & Digital Policy

The Bureau of Cyberspace and Digital Policy leads and coordinates the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.

E-CQURITY (ECQ)

E-CQURITY (ECQ)

ECQ is a network security company offering offensive security services and solutions focused on active offensive and defensive positioning.