As an IT professional, you know that endpoints are where attackers seek to exploit vulnerabilities, commit cyber fraud and conduct other malicious activity. But the more relaxed summer months, with their staff shortages, long weekends and roaming employees, can often lead to security complacency. Just because your company wasn’t the victim of a major breach this past summer doesn’t mean that your endpoints, as potential points of entry, are secure. Now is an ideal time for security professionals to double down on visibility efforts to identify issues that may have arisen during the dog days of summer.
Here are some tips and tricks, identified by Dan Ross, CEO at Promisec, for ensuring your organization is ready to start the fall with an effective strategy for monitoring threats and getting ahead of endpoint vulnerabilities – before you’re the victim of an attack.
Employees taking time off to hit the beach may return to the office with serious risks, such as a missed patch, antivirus, or hotfix update; a new program or blacklisted app; or a host of other endpoint security issues. Maybe the only Internet available at their beach cottage was a neighbor’s unsecured connection or the free Wi-Fi at the Starbucks down the street. Now is the time to check all endpoints for malware that could have been installed over an unsecured network, and move quickly to fix any vulnerabilities.
According to Promisec research, more than 20 percent of endpoints at a typical organization contain risks undetected by their IT security teams – such as disabled antivirus or unauthorized software running. The best defense against potential breaches and attacks is knowing the status of every point of entry for attackers. By taking a holistic approach to endpoint security, and implementing tools to visualize your whole network from a centralized point, you set your IT and security teams up to be ready in the event of an attack.
Recent cyber attacks have shown that simply disabling antivirus software is enough to cause millions of dollars in damage if hackers seize the opportunity to use endpoints as their platform for attack. It can be easy to lose track of which endpoints have disabled antivirus software. Did your A/V vendor release an update during the summer months? It’s critical to ensure your antivirus is not only activated, but also up to date. This applies to all software, such as Java or Adobe. How many Microsoft Patch Tuesdays did you miss this summer? Now is the time to catch up, and get your endpoints up to date.
Do you know what your users, especially those with local admin privileges, were up to while you were on vacation? Now that you’re back at the office trading your iced coffee for pumpkin-flavored lattes, it’s time to ask what your users did while you were gone. For example, did anyone install remote-access tools to open files from the comfort of their lawn chairs or hotel? Most users don’t use complex passwords on tools that log them in remotely to their PC back in the office. You want to discover this software, and remove it quickly, before someone else gains access to their laptop, and then your data.
Your users might be sharing a lot more than photos of their trip to Bora Bora. When you’ve recovered from seeing colleagues in their beach attire, take a look at what else they’re sharing, particularly on their local networks. A recent cringe-worthy example: an HR administrator didn’t realize the state of open share settings on folders containing staffing structures, resignation letters, salary information, and sensitive financial data/projections until it was discovered by a now-disgruntled employee. Assess the open share settings on sensitive content, and prevent problems before they start this fall.
Do you have a major security compliance audit coming up? Now is the time to prepare, and run an assessment of vulnerabilities on your endpoints and the effectiveness of internal controls. Consider partnering with a vendor to improve your monitoring capabilities to detect noncompliance across endpoints, which are often found in disparate networks, systems, and hardware. You can inspect 100 endpoints for free with Promisec’s widely available inspection tool.
So, are your endpoints ready to go back to work after summer break?