"Not so," said Richard Broeke, an IT security expert of Securicom, the managed IT security services vendor.
"Security basics like antivirus and anti-spyware have become such a 'given' that nobody pays attention to them anymore. When last did you see anybody calling to hire an antivirus specialist?
"IT departments are focused on other newer and more 'important' threats, like those that impact on the network. They expect the basics to keep ticking over, so endpoint security isn't being watched. There's no monitoring of how these endpoints behave when they connect to Wi-Fi, or control over what sort of peripheral devices are being plugged into them, and if they are secure. In most companies, nobody is monitoring how critical and sensitive business information is accessed, shared and manipulated on disparate endpoints.
"The basics are installed, but who's checking if the software is configured correctly or if changes have been made that make the system vulnerable? Who's checking if updates are being applied with the required frequency?
"All the 'old' risks are being neglected. Yet, each and every unwatched endpoint is a hole in a company's IT security armour," said Broeke.
A lot of companies have lost their grip on security of IT assets. Employees have relative free reign to plug-in whatever peripherals they choose, and access, extract and manipulate company information at will, opening up the network to security risks.
For instance, employees can unwittingly deposit viruses and other malicious content onto company resources by plugging in infected peripheral devices like iPods, cameras and memory cards. Employees' unbridled access to information on company systems poses a more sinister threat.
The growing mobile workforce poses its own problems. Just a few years ago, most employees used their computers at work, within the relatively safe confines of the network firewall. Now they're roaming, outside the network perimeter, and connecting to it from home, airports and restaurants. This issue with this is that information - the lifeblood of any business - is vulnerable. The network that they connect to using unsafe connections is also vulnerable.
"Companies need to refocus on the endpoint. Effective technologies should be in place to protect and monitor assets within the IT ecosystem, and the information that is stored on them. Companies should be able to get a view of the entire ecosystem, and the security status of each and every endpoint," said Broeke.
With an effective, centrally managed endpoint security solution, security updates can be routinely applied, and authentication and access rules can be enforced. It also offers the ability to limit or prevent the use of peripheral devices on company computers, as well as implement mechanisms to control which applications and business information certain levels of employees are permitted to access.
When rules are broken, company resources are abused, or security on a device is outdated, the administrator is alerted and can take action to remedy the problem. A centrally managed endpoint security system also assists with the effective, efficient and safe onboarding and decommissioning of company assets. It's not difficult to replace a laptop, but recovering the exposed information can be a massive undertaking.
"Companies can regain control of endpoints and ensure that their intellectual property is secure with a centrally managed endpoint security solution. From a commercial perspective, opting for an encompassing endpoint security managed service turns antivirus spend into a monthly service spend. It's more cost-effective and it puts companies in control of their information again because it goes beyond just antivirus," concluded Broeke.
