A few years back it looked like the days of computer hacks, viruses and other malware might be numbered. New operating systems, server security awareness and antivirus software were getting to grips with the problem. Then along came WannaCry.
To suffer a WannaCry style attack you don’t need to open an email attachment, install dodgy software or even neglect your updates. It could find and enter your machine without any gullibility on your part and the WannaCry patch only appeared after Microsoft and other industry bodies were tipped off it was already in the wild. The worm exists compliments of our own security agencies, which rather underlines the futility of pinning hopes on someone else solving security worries for us. We all have to be our own gatekeepers, and for large organisations, this is a large problem.
Endpoint risk exposure
An organisation’s digital endpoints are many and varied. They include desktops, private laptops, POS systems and notepads, countless smartphones and a multitude of digitally connected equipment in the ‘internet of things’. Regulating digital connection between them is becoming essential both for security and to meet the requirements of increasingly broad information protection legislation. Endpoints are not only entry points for outside attacks, but also points of egress for sensitive personal data that you are legally obligated to protect by the new GDPR.
Designed to be used alongside security software, endpoint security monitors the connections and traffic taking place, automatically responding to suspicious or hazardous activity. For example, if the installation of new software is detected, an intelligent monitoring service can apply precautionary sandboxing strategies, offer patches or notify administrators. A newly attached laptop can be scanned for a range of specific security criteria.
People respond to potential risks with graded responses. Endpoint intelligence allows your system to do the same. For example, during the recent WannaCry attack, NHS teams had no options between shutting down networks or leaving them exposed, which is one reason their reactions were slow. Endpoint intelligence allows an organisation to respond appropriately faster, and a new generation of integrated security solutions are emerging to meet this challenge, one of which is Promisec (see https://www.promisec.com/).
Security policies, decision trees and risk analyses can be prepared in advance of emerging threats, and these are the kind of management tools that are already familiar to non-IT personnel.