“You are only as strong as your weakest link”: how can MSPs and SMEs improve their endpoint security

Endpoint security is critical. Most successful cyber attacks happen through the endpoint, with hackers preying on the inattention or trust of users to get them to download or open infected files.


IT administration isn’t easy, especially when you consider the risk posed by cyber threats that can shut down a network and cause irreparable business damage.

Effective endpoint security requires knowing which security tools are in use, ensuring they are up to date, and enforcing policies and best practices.

Of course, this is easier said than done, especially for a hard-pushed small to medium-sized business. Often, administrators don’t know exactly which antivirus (AV) tools are where, which versions of software are running, or which patches are current or outdated.

Large distributed networks typically have multiple AV tools and run different versions of systems applications, all of which require version-specific updates.

Without a consolidated view and centralised management of the network, keeping everything current and patched is almost impossible.


With potentially more impact than a financial loss, the costliest part of a security breach is data loss, theft and corruption. Lost productivity can cost millions and the theft of an organisation’s intellectual property can be devastating.

The Ponemon Institute estimates the annual cost of cybercrime per organisation at $8.9 million. Cybercrime can also wreck an organisation’s reputation, sometimes irreparably, if private data is stolen or exposed.

IT administrators often teeter on the edge of disaster. And while they understand the dangers of unpatched software, administrators may feel helpless in the face of relentless hackers and a complex, demanding patch schedule.

Not only do they have to protect their organisations, but also their own jobs and reputation. When a security incident occurs, their heads will be the ones on the line.

So even if a breach occurs, administrators must prove they took the proper steps to protect the network and data – that they followed corporate policies and met regulatory requirements. A big part of that involves timely patching and updating.


The only chance that budget-tight IT departments have at effectively tackling all these challenges is by replacing error-prone, time-consuming manual processes with the automation of endpoint security management for audits and patching.

Administrators need to manage these processes from a single dashboard that gives them a comprehensive view of the IT environment.

Instead of resorting to guesswork, administrators have information at hand about which antivirus tools are deployed and on which machines.

All endpoints are covered and hard-to-reach remote and mobile computers are also patched and updated regularly. This is key to preventing infections caused by malware that users sometimes unwittingly pick up outside network firewalls.

Centralised management reduces security tasks from days to hours – or even minutes. Scans and deployments can be scheduled off-hours to avoid interrupting users.

Through the dashboard, IT teams keep tabs on the health of the network 24/7 via real-time alerts for various conditions, including missed scans, unpatched machines and out-of-date applications.

Alerts for suspicious events at endpoints can be set, giving IT the ability to react immediately by isolating a suspicious machine to prevent an infection from spreading and, if needed, initiate remediation.


Patch management works hand-in-hand with endpoint security to plug security holes that can put an organisation at risk.

With simple mouse clicks, administrators can check patch status, deploy updates and enforce patch-compliance policies, all from a central location, keeping the software and security tools at each endpoint up-to-date.

The system works out of the box to audit patch status and compliance, taking only minutes to get up and running. Automated scans identify missing and out-of-date patches, and determine where new updates are needed.

Interoperability issues that create security vulnerabilities can be identified and addressed. Installation of software components is transparent, and can be scheduled to run off-hours on all machines simultaneously, without disturbing users.

To complicate matters, patches sometimes cause problems for users and IT staff, breaking applications and deleting files. To avoid this, administrators can test patches in an isolated environment before implementing them network-wide.


Monitoring and alerts ensure that IT knows when patch deployments fail or when something goes wrong during reboots. Customisable reporting capabilities help administrators keep track of patch status and provide proof of compliance.

IT administration isn’t easy, especially when you consider the risk posed by cyber threats that can shut down a network and cause irreparable business damage.

By automating and centralising endpoint management for antivirus, security audits, patch status and patch management, the tasks involved in protecting networks become easier and more efficient, improving MSPs’ and SMEs’ endpoint security and so helping them to fend off cyber threats.

Sourced by Mike Puglia, chief product officer, Kaseya

Comments (1)

philbishop

Totally agree that endpoint security is critical.

However, I'm not sure relying on AV that needs updating and patching is optimal.

I think you're better off purchasing an endpoint protection tool that doesn't need updating, or patching.

Cybanetix offers SentinelOne, which has a single agent and a single cloud-based management console. It never needs patching/updating, as it doesn't solely rely on signatures to detect malicious activity on an endpoint. It employs deep file inspection and process behavioural analytics so it protects against malware, even zero-days.

One of the key strengths is how easy it is to deploy and manage, making NSS Labs rate it as having the lowest cost of ownership AND the highest protection rate of all dynamic endpoint protection platforms.

Oh, there's the one-click remediation that "undoes" ransomware, all backed with a $1m warranty against file loss.

Free up your time and deploy a tool that just works, without you having to invest so much time and money to manage it.

https://cybanetix.com/partners/sentinelone/