Don’t let endpoint security be an afterthought

Issue 4 2022 IT infrastructure

Data management is critical not only for mitigating the risk of ransomware, but also for compliance with various data privacy and data protection regulations. Businesses have tools, policies and extensive systems in place to deal with this, but often forget about securing endpoints.

Iniel Dreyer.

An endpoint is any device that has access to a network, and this includes not only laptops and desktops, but also mobile devices and tablets. Any location where data is generated and stored needs to form part of an holistic data management approach, and if endpoints become an afterthought, they can be the source of vulnerability which creates a security loophole that could result in a serious data breach.

The biggest attack surface

Despite recent efforts being focused on data protection, the reality is that endpoints are still the biggest attack surface when it comes to ransomware and malware. When data is stored on a device, data protection needs to be deployed on it, including basic tools like antivirus and threat detection and prevention software. If data resides on a device, or it is created and/or stored on that device, there is also a compliance discussion that needs to be involved.

The reality is that at the endpoint, there is often a lack of stringent and enforceable policies in place to ensure that any data stored – especially sensitive information, personal information or corporate intellectual property – is protected effectively. It is imperative to include endpoints as part of any effective data management strategy, including insight into the data that lives on these devices, as this plays an important role in overall risk and compliance adherence.

The weakest link

With the rapid evolution of the workforce to a work-from-home and hybrid environment driven by the pandemic, endpoints have become something of a soft spot for malware to access networks, simply because they are not always adequately protected. Devices need to be secured, including mobile phones and tablets, and this should be part of corporate policy and not the responsibility of the individual. Ultimately, the business remains liable for a data breach regardless of where the vulnerability occurred, and the compliance issues and reputational damages will be the same.

People are often careless with their mobile devices, so all endpoints need to be paid the same attention in the data management design. Basics like antivirus, malware detection and prevention software, strong passwords and multi-factor authentication need to be in place, devices need to be secured, and data recovery strategies need to be in place should a data loss event occur. Furthermore, consistent policies need to be applied across all devices that access the network.

A proactive approach to data management

Data should never be managed in siloes, and the same applies to data created and stored on endpoint devices. However, businesses also need to become more proactive about data management, because managing data effectively is not just about protecting it but about preventing potential breaches and attacks.

Viruses are typically triggered on endpoint devices, and often do so undetected, but there are signs and behaviours that can indicate a breach before it can cause too much damage, such as higher-than-usual volumes of data being modified or downloaded. An effective data management strategy must include elements such as anomaly detection on devices to identify behaviours that are out of the ordinary, alert to potential problems and trigger policies to handle an event.

Data management is not just about protecting files, but also about preventing the spread of viruses and other malware. If endpoints are not considered as part of an overall data management strategy, they become an afterthought which could turn into a security loophole that raises the risk of a breach or a compliance issue.

Find out more at

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Cyber resilience is more than cybersecurity
Technews Publishing Cyber Security Integrated Solutions IT infrastructure
Hi-Tech Security Solutions held a round-table discussion focusing on cyber resilience and found that while the resilience discipline includes cybersecurity, it also goes much further.

Reliable, low-maintenance video appliances
Technews Publishing Editor's Choice CCTV, Surveillance & Remote Monitoring News IT infrastructure Products
Symetrix, part of the Agera Group, has added the AES range of video recording servers, storage appliances and workstations to its portfolio.

Infinidat a leader in ransomware protection
IT infrastructure Products
InfiniSafe brings together the key foundational requirements essential for delivering comprehensive cyber-recovery capabilities with immutable snapshots, logical air-gapped protection, a fenced forensic network, and near-instantaneous recovery of backups of any repository size.

What’s the difference between SASE, SD-WAN and SSE?
IT infrastructure
When it comes to the wide area network (WAN), the letter ‘S’ plays a pivotal role – from SASE to SD-WAN to SSE – but there can be some confusion with so many WAN ‘S’ acronyms.

Cold chain integrity in real time
Technews Publishing Editor's Choice Asset Management, EAS, RFID IT infrastructure Transport (Industry) Logistics (Industry)
DeltaTrak offers real-time farm-to-fork IoT monitoring of the cold chain to ensure every step of the journey is recorded and verifiable via the cloud.

BCX and Alibaba Cloud confirm partnership
News IT infrastructure
BCX and Alibaba Cloud have formed a partnership to bring cloud technologies to businesses in South Africa to drive local digitalisation.

IoV – the cutting edge of vehicle automation
Integrated Solutions IT infrastructure Transport (Industry) Logistics (Industry)
Today’s cars have become bona fide connected machines and not merely an extension of our mobile devices such as smartphones.

Advanced technologies to curb corruption
News Cyber Security IT infrastructure
The use of advanced technology to curb fraud, corruption and cyber-related crimes received a massive boost as the Council for Scientific and Industrial Research (CSIR) and Special Investigation Unit (SIU) agreed to work together.

DMaaS is the solution to hybrid cloud complexity woes
IT infrastructure
After an initial scramble to move everything to the cloud, companies are increasingly moving to a hybrid cloud environment, with a mix of private and public cloud infrastructure and services, coupled with on-premises storage.

The current and future state of smart OT security
Technews Publishing Industrial (Industry) Cyber Security IT infrastructure
Nearly 60% of survey respondents also revealed that their organisation suffered at least one OT breach during the past 12 months, with 10% experiencing four or more.