Don’t let endpoint security be an afterthought

Issue 4 2022 IT infrastructure

Data management is critical not only for mitigating the risk of ransomware, but also for compliance with various data privacy and data protection regulations. Businesses have tools, policies and extensive systems in place to deal with this, but often forget about securing endpoints.


Iniel Dreyer.

An endpoint is any device that has access to a network, and this includes not only laptops and desktops, but also mobile devices and tablets. Any location where data is generated and stored needs to form part of an holistic data management approach, and if endpoints become an afterthought, they can be the source of vulnerability which creates a security loophole that could result in a serious data breach.

The biggest attack surface

Despite recent efforts being focused on data protection, the reality is that endpoints are still the biggest attack surface when it comes to ransomware and malware. When data is stored on a device, data protection needs to be deployed on it, including basic tools like antivirus and threat detection and prevention software. If data resides on a device, or it is created and/or stored on that device, there is also a compliance discussion that needs to be involved.

The reality is that at the endpoint, there is often a lack of stringent and enforceable policies in place to ensure that any data stored – especially sensitive information, personal information or corporate intellectual property – is protected effectively. It is imperative to include endpoints as part of any effective data management strategy, including insight into the data that lives on these devices, as this plays an important role in overall risk and compliance adherence.

The weakest link

With the rapid evolution of the workforce to a work-from-home and hybrid environment driven by the pandemic, endpoints have become something of a soft spot for malware to access networks, simply because they are not always adequately protected. Devices need to be secured, including mobile phones and tablets, and this should be part of corporate policy and not the responsibility of the individual. Ultimately, the business remains liable for a data breach regardless of where the vulnerability occurred, and the compliance issues and reputational damages will be the same.

People are often careless with their mobile devices, so all endpoints need to be paid the same attention in the data management design. Basics like antivirus, malware detection and prevention software, strong passwords and multi-factor authentication need to be in place, devices need to be secured, and data recovery strategies need to be in place should a data loss event occur. Furthermore, consistent policies need to be applied across all devices that access the network.

A proactive approach to data management

Data should never be managed in siloes, and the same applies to data created and stored on endpoint devices. However, businesses also need to become more proactive about data management, because managing data effectively is not just about protecting it but about preventing potential breaches and attacks.

Viruses are typically triggered on endpoint devices, and often do so undetected, but there are signs and behaviours that can indicate a breach before it can cause too much damage, such as higher-than-usual volumes of data being modified or downloaded. An effective data management strategy must include elements such as anomaly detection on devices to identify behaviours that are out of the ordinary, alert to potential problems and trigger policies to handle an event.

Data management is not just about protecting files, but also about preventing the spread of viruses and other malware. If endpoints are not considered as part of an overall data management strategy, they become an afterthought which could turn into a security loophole that raises the risk of a breach or a compliance issue.

Find out more at www.dm-p.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The benefits of Managed File Transfer
IT infrastructure Products
Blue Turtle Technologies looks into how a Managed File Transfer platform benefits businesses, as opposed to the usual FTP or SFTP suspects.

Read more...
Accelerating your Zero Trust journey in manufacturing
IT infrastructure Cyber Security Industrial (Industry)
Francois van Hirtum, CTO of Obscure Technologies, advises manufacturers on a strategic approach to safeguarding their businesses against cyber breaches.

Read more...
Cyber resilience is more than cybersecurity
Technews Publishing Editor's Choice Cyber Security Integrated Solutions IT infrastructure
Hi-Tech Security Solutions held a round-table discussion focusing on cyber resilience and found that while the resilience discipline includes cybersecurity, it also goes much further.

Read more...
Keeping devices in check
Cyber Security Asset Management, EAS, RFID IT infrastructure
Kaspersky patents new technology for analysing relationships between electronic devices to counter cyberattacks launched through connected IoT devices.

Read more...
Considering cloud downtime insurance?
Arcserve Southern Africa Cyber Security IT infrastructure Security Services & Risk Management
Byron Horn-Botha, business unit head, Arcserve Southern Africa, reveals three vital steps that you must consider to ensure business continuity before you buy insurance.

Read more...
A robust OT cybersecurity strategy
Editor's Choice Cyber Security IT infrastructure Industrial (Industry)
Cyber experts are still struggling to convince senior management to spend money to protect their control system assets, resulting in a lack of even basic measures to protect control systems.

Read more...
IT security at the core of smart cities
Cyber Security IT infrastructure Government and Parastatal (Industry)
The success of service delivery and public access to universal Wi-Fi, home automation and smart sensors is based on increased IT security.

Read more...
Securing IoT devices to maximise their value
IT infrastructure Cyber Security
Anything that is connected to the Internet is a potential security vulnerability, and IoT devices are increasingly targets through which cybercriminals infiltrate networks.

Read more...
Axora launches Metals and Mining Innovation Forecast 2022/23
IT infrastructure Security Services & Risk Management
Miners making super-slow progress towards digital transformation despite universally designating it ‘critical to survival’, with cybersecurity one of the concerns hindering progress.

Read more...
The rise of edge computing: What does it mean for cybersecurity?
IT infrastructure Cyber Security
Edge computing reduces response times, decreases bandwidth usage and maximises the real-time value of data for applications, processing or storage, by bringing it all closer to the source.

Read more...