10 Reasons Enterprises Should Rethink Endpoint Security

 
 
By Chris Preimesberger  |  Posted 2012-11-30
 
 
 

Cyber-Crime Remains a Jump Ahead

Cyber-criminals are becoming more sophisticated, targeting their attacks at whitelisted vectors; after all, who wouldn't open an email attachment from his/her manager? While employees may think they are complying with company security measures, a simple and honest mistake could compromise the entire company.

Cyber-Crime Remains a Jump Ahead

Mobilization Adds New Problems

As the enterprise workforce continues to mobilize, extending corporate information security policy to employee endpoints will require tools that transcend network connectivity, patch levels and authentication.

Mobilization Adds New Problems

Everything Is Vulnerable

Each email attachment, document and Website should be construed as a set of applications running on company-owned devices. It's quickly becoming impossible to tell the good from the bad.

Everything Is Vulnerable

Old Detection Methods Outmoded

Existing security technologies rely on detection of threats through signatures—a method that makes it impossible to block "zero-day" attacks that have never been seen before, or "polymorphic" attacks that dynamically change their signature.

Old Detection Methods Outmoded

Time Is Always of the Essence

The longer it takes to defeat an attack, the more damage it can do.

Time Is Always of the Essence

Traditional Safeguards Continue to Be Exploited

By using polymorphic, undetectable designs that change with every use, move slowly and exploit unpatched vulnerabilities, attackers are successfully exploiting gaps exposed by traditional and next-generation firewalls, intrusion-prevention systems (IPS), antivirus and Web gateways.

Traditional Safeguards Continue to Be Exploited

Cyber-Criminals Using Coordinated Attacks

Today's threats are more of a series of coordinated attacks than a single binary, and use data that is easily available on social networking sites to create highly targeted, clandestine forays aimed at users who are reachable through the Web and email.

Cyber-Criminals Using Coordinated Attacks

Mobile Workers Are Increasingly Vulnerable

Network-based security is ineffective in protecting mobile users. Increased employee mobility poses a challenge to traditional network security solutions; an executive working from a hotel or a salesperson connecting from a coffee shop are highly vulnerable to attacks as they are unprotected by corporate network defenses.

Mobile Workers Are Increasingly Vulnerable

Locking Down Desktops Isn’t the Answer

Locking down the desktop by significantly narrowing users' access to the Internet creates new challenges. Users rely on the Internet to accomplish their daily activities, and if they cannot get their work done through the enterprise-provisioned endpoint, they bring other devices to work and circumvent IT policy in search of productivity.

Locking Down Desktops Isn’t the Answer

Human Error Will Always Occur

Users are only human. No matter how comprehensive an enterprise's tools may be, an attacker can design malware to bypass even state-of-the-art detection and protection systems and trick the user into continuing the behavior that lets the attack persist.

Human Error Will Always Occur

Rocket Fuel