• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Cybercrime   »   Ensuring comprehensive endpoint security

Ensuring comprehensive endpoint security

  • Posted on:March 7, 2013
  • Posted in:Cybercrime, Mobility
  • Posted by:
    Trend Micro
0

Every company has now found a new endpoint security consideration to worry about in mobile device proliferation. John Sawyer wrote on Dark Reading that a flaw in an end user's device can lead to a breach that could reverberate across the entire company.

"Endpoints are as hard to define as they are to protect," he wrote on the website. "The term traditionally referred to desktops and laptops, but endpoints now encompass smartphones, tablets, point-of-sale machines, bar code scanners, multifunction printers and practically any other device that connects to the company network. Without a well-conceived strategy, keeping track of and securing these devices is difficult and frustrating."

Coupling with this is the fact that these endpoints are as vulnerable as they ever have been with zero-day attacks against Java and Adobe happening in recent months. HD Moore, chief security officer for vulnerability management firm Rapid7, told Sawyer that companies have to get serious about protecting internal networks, as it has been common knowledge for years that firewalls are not enough to eliminate the threat of viruses and other malicious software.

There are ways to make sure endpoints are more secured, according to Sawyer, including:
– Make sure iOS, Android, apps and other endpoints are updated to account for anything that may end up being a security risk
– Train users on security best practices to promote a healthy sense of caution to those that are using devices within a company
– Endpoint hardening techniques via new security products should also be researched, as this could help add new views of security through controls. There are also new techniques that companies may want to try out in order to add new layers of security which were not previously in place

"These include practices such as the principle of least privilege, whereby users are granted only the account privileges they need to do their jobs; segregation of duties, which requires more than one person to make critical changes; and need to know, under which access to resources is limited to those who must have it," Sawyer wrote on Dark Reading.

Breaking rules can cause problems
Not following these rules can cause problems. According to Ponemon Institute's recent 2013 State of the Endpoint report, 60 percent of respondents said they allow admin rights to some of all users in the environment, something that could cause a greater number of threats.

Other numbers from the Ponemon report highlight some compelling reasons for increasing security at the endpoint level, including that 80 percent of respondents believe mobile data bearing devices and laptops cause a significant security risk, 58 percent of respondents had more than 25 percent of malware attempts each month and 85 percent are increasingly concerned about Mac malware and infections.

"The greatest rise in IT security risk is occurring across mobile devices and third-party applications," Ponemon's report said. "According to respondents, the risks caused by mobile devices such as smartphones and removable media and vulnerabilities in third-party applications have gained significantly since 2010 … In 2010, only 9 percent of respondents said mobile devices was a rising threat. This year 73 percent see it as one of the greatest risks within the IT environment."

Sawyer wrote on Dark Reading that having all technological policies, whether desktop, laptop, mobile and other formats should make sure that attacks are less successful and leaks are less prevalent. This should include system audits, security configuration and putting a unique password on each local host. Data security must be taken seriously no matter what format is being used.

Consumerization News from SimplySecurity.com by Trend Micro.

Related posts:

  1. Mobile device use on the rise: Endpoint protection critical to business
  2. Endpoint protection: Top do’s and don’ts
  3. FBI issues smartphone security advice
  4. How mobile devices are really impacting your business: Endpoint protection best practices

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Cloud-based Email Threats Capitalized on Chaos of COVID-19
  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.