120 likes | 137 Views
More endpoints and harder-to-manage endpoints add up to challenges for IT security<br><br>If youu2019re a company owner or an IT manager, then WannaCry, NotPetya and massive Zero Days have probably made you rethink just how important it is to secure your business network.
E N D
More endpoints and harder-to-manage endpoints add up to challenges for IT security If you’re a company owner or an IT manager, then WannaCry, NotPetya and massive Zero Days have probably made you rethink just how important it is to secure your business network. This is the only upside of these cyberattacks. However, WannaCry or NotPetya aren’t the starting point of cyber threats, they’re just the latest evolution. Ransomware has been the biggest threats for businesses for the past 2-3 years, and the conditions are set for it to remain so for the foreseeable future.
Provide cybersecurity training to employees Cybersecuritytraining for employees is now a must for every business. Too many users skip on basic security practices such as strong passwords, updating their software or not recognizing a phishing email. To help your employees get up to speed to the best Internet security practices, we recommend you check out our helpful educational resources. To put things into perspective, nearly 41% of company data leaks happen because of negligent or untrained employees who fall even for simple phishing emails.
Endpoints under threat There’s no doubt that IoT devices can pose real opportunities for businesses, helping them improve their processes and reduce operating costs, but they also open up new vulnerabilities for hackers to exploit. In March 2018 Symantec noted that attacks on IoT devices had increased by 600% between 2016 and 2017. Many such attacks have targeted consumer devices, including webcams, home routers, digital video recorders and baby monitors, but as use of IoT devices spreads into business, more and more companies could be affected. A recent report by the Ponemon Institute suggests that while the number of IoT devices in the workplace is increasing significantly, practices for securing and managing those devices aren’t maturing at the same rate. In fact, 56% of those surveyed didn’t even keep an inventory, mostly due to a lack of centralised control.
The problem with the old approach This ties into a wider problem: that many of the existing security provisions are no longer effective. A bigger, stronger wall at the perimeter will no longer fend off attacks that target the endpoints themselves and then move laterally. In fact, phishing attacks and other forms of targeted attacks are designed to do exactly this. Anti-virus products, meanwhile, are struggling to keep up with the rapid development of malware, not to mention the growth of fileless attacks; malware that resides in memory without ever appearing on a drive.
The SANS survey explains that only 47% of the attacks detailed by respondents were detected through anti-virus, with 32% detected through automated SIEM alerts and network analysis, and another 26% detected through EDR (endpoint detection and response) platforms. For too many companies, the time between spotting an attack and remediation is still measured in hours or even days and ‘with infections spreading across endpoints in minutes, this is a lengthy window for attackers.’ Track user log in / log off activity on your business networkKnowing when a user logs in or off their work accounts or devices will help you pinpoint the start of an infection. It’s also a good prevention method, since you can track if a user has dangerous habits when connecting to work accounts.
Unfortunately, login tracking can be a hit-and-miss affair, regardless of the method you use. The one that usually gets the best results is to use a script in your login process. Here’s a short tutorial on how to set up the script. Another thing you can do to see where an infection starts and how it spreads is to track file sharing. Dedicated programs will keep track of who and when accesses a file and what they do with it. Here’s one list of such programs plus another one.
Solving the endpoint equationWhat can organisations do? Part of the answer lies in developing and making effective use of automated EDR platforms and attack behaviourmodelling, using AI and Machine Learning to accelerate detection and remediation. Companies need both the budget to procure new security technology and the resources to implement them, but this is a long-term play. Businesses need solutions right now. Simple, practical measures would include a stronger upgrade and patching policy that addresses the full range of devices, including IoT devices and printers. Here robust printer management and security tools, like HP JetAdmin and HP JetAdvantage Security Manager can help, enabling companies to establish a single security policy and apply it across the entire printer fleet.
Training is another effective option. The more informed workers are about malicious apps, malicious websites, phishing and other risks, the less chance there is of attacks creeping through. In fact, workers trained to spot and report strange device behaviour can provide crucial early warning signs. End-users may need help to secure their BYOD devices, and information on why they shouldn’t disable security on business devices, even when it seems an inconvenience. But with the right training and policies in place, you can turn end-users from a major vulnerability into the first line of defence.
Always keep your servers updated Like any other hardware and software out there, servers also require to be constantly updated with the latest feature and security patches. These can make all the difference between a clean server and a hacked one. There’s a reason why every cybersecurity expert’s first advice is to update your software: it works and it keeps you safe from malware designed to exploit vulnerabilities (like WannaCry did).
Don’t do web browsing from the server side This includes any other kind of activity not work related. Use the server strictly for its main purpose: to manage a company’s endpoints. The less interaction a server has with the web, the fewer chances there are for a cybersecurity threat to compromise it. Of course, in certain instances, you need to have a browser on the server in order to access other servers using a web console functionality. A more secure PC and printer fleet won’t fix vulnerabilities affecting IoT devices or applications, but it gives IT teams more time and space to monitor, manage and update these more vulnerable endpoints. In today’s hostile threat landscape, they need all the help they can get.
Server Firm is a leading provider of dedicated servers in India, Multiple Server. Chat with our technical experts to get in best-dedicated server prices, Multiple Server. High performance, Reliable, affordable dedicated servers. High bandwidth dedicated servers at lowest price. 24X7 supports. Best dedicated server provider.We are providing various type dedicated servers:• Custom Dedicated servers(100% customizable)• Dedicated Server instant setup Please visit website for more details: http://server.firm.in IT Monteur, B-71, Shalimar Garden Extn-2, Ghaziabad, UP, India-201005 Phone: +91-9582907788+91-96540164840120-2631048 Mail:sales@itmonteur.net