Endpoint Security Protection: Endpoints Are the New Perimeter
A Cyber Security White Paper
It is well established that perimeter security is imperative to protecting company networks and information. But in recent years cyber crime tactics have changed and evolved, and endpoints have become the new perimeter in terms of security vulnerabilities.
Endpoints generally include any end-user computing device: mainly desktops and laptops, but also tablets and smartphones. Because network perimeters are now more secure, hackers and cyber criminals are targeting end-user devices as a means of entry into company networks.
There are a number of ways that cyber criminals can compromise endpoints, the most common being via Internet browsers. For users to browse the Internet, firewalls have to be opened to allow for the retrieval of external content. Hackers often exploit vulnerabilities in the parsing of this external content to gain control over your PC. Once through the firewall and hooked into the operating system, viruses and other malware can then spread laterally to infect an entire network.
Hackers frequently target browser add-ons, or “browser helper objects” (BHOs) such as toolbars and applications like Java and Flash, to gain and maintain their access to endpoints.
Preventing Endpoint Attacks
There are a number of ways to protect your end-user devices from malicious attacks. The first is to make sure end users are not operating as “administrators” on their devices. When browsing, if the user has administrator rights on his or her laptop or PC, any malicious software that breaks through will possess these same administrator rights. If the user has restricted permissions, the damage the malware can do will likely be limited.
Second, all computers and other endpoint devices should receive regular security updates for both operating systems and applications. Regularly patching software installed on your computer will help protect your network from exploitable endpoint vulnerabilities. Additionally, using up-to-date security and anti-virus software provides an added, essential layer of protection.
Lastly, it is important to provide periodic training and education to end-users to minimize risk from browsing unsafe sites, from clicking on potentially malicious links, and from improper disclosure of information. Safer browsing is not a solution to endpoint vulnerabilities, as “safe” sites can still be compromised from time to time.
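The first two measures above (no day-to-day administrator rights, regular updates and anti-virus) can be spot-checked on a Windows endpoint. The PowerShell below is an added example, not part of the original white paper or any Systems Engineering product; the 30-day patch threshold is an assumed value.

```powershell
# Added example: audit one Windows endpoint (PowerShell 5.1 or later).
# Assumed threshold, not a figure from the white paper.
$MaxPatchAgeDays = 30

# Measure 1: who holds local administrator rights?
# S-1-5-32-544 is the well-known SID of the built-in Administrators group,
# so the lookup also works on non-English Windows installations.
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544'
$me     = [Security.Principal.WindowsIdentity]::GetCurrent().Name

# Direct membership only. A user who is an administrator through a nested
# group appears under NestedAdminGroups and must be expanded in the directory.
$directAdmin  = @($admins | Where-Object ObjectClass -eq 'User').Name -contains $me
$nestedGroups = @($admins | Where-Object ObjectClass -eq 'Group').Name

# Measure 2a: age of the most recent operating-system update.
# Get-HotFix reports Windows updates only; application patch levels
# (browser, Java, Flash and so on) have to be inventoried separately.
$lastFix = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
$patchAge = if ($lastFix) { ((Get-Date) - $lastFix.InstalledOn).Days } else { $null }

# Measure 2b: anti-virus products registered with Windows Security Center.
# The namespace exists on client editions of Windows only, hence SilentlyContinue.
$av = Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct `
    -ErrorAction SilentlyContinue

# One record per endpoint, suitable for Export-Csv or central collection.
[pscustomobject]@{
    Computer          = $env:COMPUTERNAME
    CurrentUser       = $me
    UserIsLocalAdmin  = $directAdmin
    NestedAdminGroups = $nestedGroups -join '; '
    LastOsUpdate      = $lastFix.HotFixID
    DaysSinceOsUpdate = $patchAge
    PatchOverdue      = ($null -eq $patchAge) -or ($patchAge -gt $MaxPatchAgeDays)
    AntivirusProducts = $av.displayName -join '; '
}
```

A record with UserIsLocalAdmin set to True, PatchOverdue set to True, or an empty AntivirusProducts field marks an endpoint that does not meet the measures described above.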
Social Media Policies
Having a social media policy in place is another important step in preventing endpoint attacks. While social media sites themselves are no more or less vulnerable than other websites, the interactivity inherent in social media allows hackers to use tools of social engineering such as ingratiation, assistance, persuasion and intimidation to garner sensitive information from other users. Hackers also use personal information divulged on social media to guess passwords and other sensitive data. It is important that end-users understand the limitations of where and with whom they can share confidential or sensitive information. Users should also be aware of how they should behave and interact with social media.
iPhones and other mobile devices present a slightly different security threat than desktops and laptops because of their portability and rapid adoption. While techniques such as ‘sandboxing’ allow relatively secure Internet browsing, the data contained in emails and other programs is highly accessible should the device be lost or stolen without a protective pass code in place.
A Layered Approach to Security
While no security system is impenetrable, a layered approach to security, such as SE EventWatch®, SE Secure, SE Monitoring and SE Encrypt, can significantly reduce risk. Systems Engineering’s layered security works to secure both perimeter and endpoints by security patching, filtering content and monitoring network activity.