Seven signs your endpoint security measures need to change

During the past couple of years, with pandemic restrictions forcing large numbers of people to work from home, corporate security strategies have had to evolve.

Increasing focus has been placed on endpoint devices that are operating without the protection traditionally provided by the corporate firewall. Cybercriminals are increasingly targeting these devices in an attempt to secure access to a wider IT infrastructure.

There are a number of solutions on the market that claim to safeguard the security of endpoint devices and networks. As well as offering benefits such as protection against sophisticated malware attacks, many also deliver good usability and good performance when running processes.

However, the growing number of successful cyberattacks is an indication that cybersecurity practices are often not providing the level of protection that is required. This is why having the resources, technology, and ability to manage the security of endpoint devices and access points to company networks has never been more important.

There are seven particular signs that can alert an IT team when a solution is not providing effective endpoint security. Those signs are:

  1. Poorly integrated security tools:
    In some cases, a chosen security vendor may lack some of the cybersecurity tools needed to protect endpoints. In these cases, the IT department must integrate different solutions from a range of vendors. Unfortunately, this can add complexity to the coordinated management of tools and generate performance problems. It can also create security holes rather than provide better protection, and increase TCO because the organisation has to purchase solutions that do not belong to the same offering.

    By instead deploying a unified security platform, an organisation can achieve better protection and reduced complexity. Many manual tasks can also be automated, which improves the efficiency of the IT department and allows staff to focus on other things.

  2. The need for ongoing, complicated management:
    When it comes to selecting a unified security platform, care should be taken to ensure it is intuitive to use and will not require a lot of hands-on resources. It should have operational simplicity under a single lightweight agent that is agile and can be managed through a single console.

    The platform should also offer easy and rapid implementation, with minimal impact on endpoint performance and without the need for additional infrastructure. Ideally, it should also deliver the high performance and scalability of a cloud-based architecture.

  3. Weak protection against sophisticated cyberattacks:
    Some security solutions on the market, typically those based on more traditional protection technologies and limited to detection and response functionalities, are not capable of dealing with advanced cyberattacks. Hackers have been quick to exploit these serious security gaps in organisations.

    To ensure endpoints are protected effectively, organisations need a solution that incorporates advanced security technologies based on a zero-trust protection model. This is a model that offers an effective response to sophisticated threats by not allowing any process or application to run that has not been previously classified as reliable.

  4. Tools that delegate too many security decisions to clients:
    Manually classifying threats or delegating them to IT teams puts a strain on security administrators, as they can quickly be saturated in alerts. As a result, research shows that the losses after failing to detect a security breach are almost double at organisations that do not use automated services or technologies compared with those that do.

    Also, industry professionals highlight the shortage of cybersecurity skills and training in companies. Automated endpoint detection, containment, and response services are needed to reduce user workloads and make their day-to-day life easier.

  5. Incompatibility with legacy systems:
    Some security solutions on the market are unable to protect all the computers that still run legacy systems or that are not fully compatible with different architectures. This makes the security of the entire IT infrastructure weaker.

  6. An inability to reduce the attack surface:
    Another factor to consider is how well chosen technologies can reduce the overall attack surface of an organisation. This should include the provision of anti-exploit and web protection capabilities, as well as the ability to undertake patch management for the operating system and third-party applications. It should also include contextual detection capabilities on external accesses, servers, lateral movements, or suspicious behaviour by ransomware and fileless malware.

  7. Lack of centralised technical support:
    Unfortunately, there can be issues with some cybersecurity vendors when it comes to technical support. This can leave customers at the mercy of cyberattacks or facing potentially urgent problems. Support agreements should always be carefully checked prior to deployment of the tools.

By being mindful of these signs, an organisation can ensure it has selected the best platforms and tools to deliver comprehensive protection not just to endpoints, but to its entire IT infrastructure. Business operations can continue while the threat of attacks is minimised.

Anthony Daniel
Anthony Daniel is Regional Director – Australia, New Zealand and Pacific Islands at WatchGuard Technologies. He has more than 15 years’ sales and senior account experience in the IT and telecommunications industry and is responsible for leading WatchGuard Technologies’ regional sales growth and business expansion while overseeing all aspects of management, including channel partner development, distribution strategy and revenue growth. He was previously Senior Regional Sales Manager for Australia, New Zealand and the Pacific Islands at SolarWinds and has also worked in senior sales management positions at Oracle, Vocus and Vodafone.