With remote work here to stay for many organizations, endpoint security has never been more crucial. Why? Employees are now working from so many locations, on so many different devices, that it would be nearly impossible for any single IT team to verify that employees will use VPNs or other security measures to access them. A recent survey from HP showed that 76 percent of office workers surveyed said working from home during the pandemic has blurred the lines between their personal and professional lives. In fact, some 30 percent admitted to allowing someone besides themselves use their work laptops, often more than once per day. Even more surprising: nearly half of workers now think of their work laptops as personal devices.
With remote and hybrid work clearly remaining part of our collective new normal, it’s time for organizations to get serious about their network security. While many must give remote access to networks and servers, they don’t have to simply hand over the keys over and walk away. Whether it’s an employee device or a customer-facing device, if an organization can force devices connecting to its network to follow certain security measures, they then can ensure protection from potential cyberattacks.
Why Protecting Against Cyberattacks is Key
Security is, or certainly should be, an integral part of business strategy today — both from a hardware standpoint and a software standpoint. Why so important? Between February and April 2020, HP’s research shows there was a 238% increase in global cyberattack volume — threat actors wasted zero time taking advantage of a global pandemic that necessitated an immediate pivot to work from home.
Let’s take a look at some other stats. In 2020 alone, ransomware, one of the most common cyber threats, spiked by 150%, with email being responsible for approximately 94% of all malware. A whopping 300,000 new pieces of malware are created daily, and some 24,000 malicious mobile apps are blocked daily on the internet. Some 64% of companies worldwide report they’ve experienced at least one form of a cyberattack, and every 39 seconds there is a new attack somewhere on the web. Almost a little overwhelming to think about, isn’t it?
Obviously, this presents great risk to organizations of all sizes, both from a reputational and customer trust standpoint, as well as the costs involved in remediating a cybersecurity breach, which are predicted by Cybercrime Magazine costing organizations upwards of $6 trillion dollars by the end of 2021. So how do organizations protect themselves? The answer lies in endpoint security.
What is Endpoint Security?
Endpoint security is the process of securing any endpoint that may have access to your enterprise’s internal network. An endpoint could be any device, portal, or connection, be it in the form of networks, data storage locations, remote workers, or even vendors able to access to your network. And how does it work? In simple terms, endpoint security seeks out viruses, malware, and other risks and, if it finds them, it works to mitigate the risk to the rest of the network by keeping the locked down.
Recently, I got an inside look at HP’s new endpoint security offering HP Wolf Security. This new breed of security offers a robust layer of protection built into HP PCs and printers. It uses a process of hyper segmentation to keep risky endpoint behavior separate from less risky behavior. Things like checking email or downloading new applications online will be done in a separate, secure container so that if a breach were to occur, it would hit only that segment —not the rest of the network.
Are Endpoints Really a Significant Security Issue?
Are endpoints really a significant security issue? In short, that’s a resounding yes! In fact, I believe they’re the biggest. In that HP survey that I cited earlier, research shows that more than 90 percent of IT professionals now believe endpoint security is just as important as network security. Why? Research shows that 70 percent of successful breaches start on endpoint devices. Of those, 99 percent occur when an employee clicks something they shouldn’t — a phishing email that looks official, a log-in screen that’s been compromised. With so many people working from home during the pandemic, it should be no surprise that cyberattacks have increased 400 percent — there are simply too many blind spots for businesses to keep track of. Case in point: a 2020 study cited by Kuppinger Cole found more than half of networkers are accessible via often-used open printer ports that are vulnerable to being hacked.
We used to think of network security as a perimeter issue, but in reality with so many endpoints, the perimeter no longer exists. Using Zero Trust as a foundation, HP Wolf Security and other endpoint security providers use one simple rule: nothing is to be trusted. Anything connecting to your network must be validated before gaining access. And even when vetted, it will operate in a separate virtual machine to keep the rest of the network secure. That’s good news because the earlier-referenced report from HP Wolf Security found that 71 percent of office workers are now accessing more company data, more frequently, from home than they did before the pandemic occurred. And, the most common types of information being accessed is customer data, operational data, and financial data — some pretty important stuff.
Endpoint Security: Integral to Cloud-based Security and SASE Architecture
As businesses evolve their endpoint security, security gaps across endpoints, cloud, and on-premise leave organizations vulnerable to hackers who look to exploit any security deficiency. To address this emerging security challenges, the SASE (Secure Access Service Edge) architecture is being developed to assign network controls on the cloud edge, allowing organizations to transition away from data center-centric security and align security closer to service activity and access including endpoints. This includes consolidating SD-WAN (software-defined wide area network, secure web gateway, firewall as a service, cloud security broker, and zero-trust network access functions into a single, integrated cloud service.
Major networking suppliers, such as Cisco, Citrix, and Juniper, have invested heavily and developed their portfolios to provide comprehensive solutions that support adoption of the SASE framework. Cisco, for example, emphasizes that its SASE portfolio provides all the building blocks of a SASE architecture to ease organization transitions to the cloud by fulfilling the full range of their security, networking, and observability requirements including end-point security integration.
Juniper Networks’ SASE offering is showcased in its Connected Security portfolio, and is designed to protect end points, users, applications, and infrastructure by extending security to every point of connection, from client to cloud, across the entire network. This includes Juniper Security Director Cloud, which is the SASE portal for its customers managing on-premises, cloud-based security, and cloud-delivered security all through a single UI (User Interface) that provides unified visibility and management. While unified visibility and management are integral to a successful SASE implementation, Juniper acknowledges that Security Director Cloud is a first step in its overall security portfolio development strategy to deliver a broader, holistic SASE offering.
I anticipate that organizations will further accelerate adoption of SASE to ensure their overall security meets the demands of an expanding attack surface including the full integration of endpoint security into a comprehensive security and networking framework.
Endpoint Security: Keeping Your Network Safe
The hard truth is hackers are smart. In addition to being smart, hackers realize there is relatively easy money to be made in the cyberattack business — and they aren’t wasting time taking advantage where and when they can. Whether it’s a hybrid or work from home environment or within the corporate setting, endpoint vulnerabilities represent a very real risk — and one that must be addressed. Laptops, mobile devices, routers, printers, downloading things from the internet, accessing social media sites, opening an attachment to a text message, shopping online, opening email attachments or web pages, making video calls, and watching online streaming services – all of these things can be dangerous. And it’s fair to say we have ALL done them, either while working remotely or while sitting in our corporate offices. The lines between personal and business have blurred, and there is no reason to expect that to change moving forward. The future of work is now, and it’s clearly destined in large part to be a hybrid experience, with employees working from the office part of the time and remotely part of the time. That’s why endpoint security is so important, and why innovation being developed in the space, such as SASE, will allow your IT teams to take the stress and guesswork out of monitoring the entire network system—not just the specific network perimeter, but everything it touches.
Disclosure: Futurum Research is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
The original version of this article was first published on Forbes.