Endpoint Security: A Call to Action
Editorial Type: Opinion
Date: 03-2014
Key Topics: Security, Data Leakage, Endpoint Security, Virtualisation, Cyber-Attack
Key Companies: UZ leuven, SolarWinds, FireEye
Key Products: Symantec Endpoint Protection
Key Industries: Health
In a world of constant combat between hackers and security practitioners, corporate IT teams must continually strengthen their IT security, warns Lawrence Garvin, head geek, SolarWinds

Security branches out into all areas of IT, and IT pros need to secure the entire IT infrastructure, but organisations tend to inadvertently neglect endpoint security. Endpoint security threats are increasing each day, and while the motives vary widely, these threats can lead to the exploitation of vulnerabilities in enterprise endpoints. Common threat sources include active (hacking) and passive (malware) techniques from physical devices, social networks, and other employee behaviours.

What can be done to prevent these attacks? Here, the focus will be on best practices and strategies for enhancing endpoint security, and ensuring endpoints stay protected and secure.

Unauthorised software installations present some of the most common security vulnerabilities that plague enterprise IT environments. Organisations adopt policies to ensure only secure and required software is installed on employee workstations, but users disregard the policies and install unauthorised software.
SOFTWARE EXPLOITS ON ENDPOINTS
• Patchable software, which has known vulnerabilities but can be patched with security updates available from the vendor

To mitigate the risk of threats, IT teams should restrict the ability to install software on workstations and perform a regular software inventory to identify installed software.

While monitoring workstations will help identify unauthorised software, authorised software can still be a vector for exploitation. IT admins must focus on patch management to keep business software up to date.

IMPACT OF MALWARE
The 'Verizon 2013 Data Breach Investigations Report' cites malware as the source of 40% of breaches that occurred in 2012, second only to hacking attacks. The 'Advanced Cyber Attack Landscape' report from FireEye indicates that malware has become a multi-national activity, with callbacks sent to command-and-control servers in 184 countries in 2012 alone. These numbers have increased by approximately 50% since 2011.

All endpoints should be equipped with anti-virus/anti-malware (AV/AM) software to detect and quarantine malware, but cybercriminals are growing increasingly adept and are continually introducing newer attack methods. This dangerous evolution requires advanced security and protection to monitor the functioning of AV/AM solutions.

IT admins need to monitor security events by collecting logs and correlating them for advanced incident awareness. Log management of AV/AM systems and other security appliances can develop a protective and preventative security information and event management (SIEM) framework.
ENDPOINT THREATS FROM USER ACTIONS