In August 2020, Microsoft released the results of a sprawling survey of 800 business leaders in the United States, United Kingdom, India, and Germany that shows how the coronavirus pandemic is accelerating the digital transformation of cybersecurity. The Microsoft survey reported that “an alarming number of businesses” are still impacted by rudimentary phishing scams and security budgets. In addition, hiring increased in response to COVID-19 as organizations invest heavily in cloud-based technologies and architectures such as Zero Trust.
Of particular interest is where organizations are investing their cybersecurity dollars. The top five cybersecurity investments since the beginning of the pandemic, as ranked by the percent of respondents who selected these initiatives, are:
- Multi-factor authentication: 20%
- Endpoint device protections: 17%
- Anti-phishing tools: 16%
- VPN: 14%
- End-user security education: 12%
Perhaps the above prioritization is not a surprise to anyone, but maybe this data point is: Among U.S. respondents, the highest-ranking cybersecurity initiative was endpoint device protections at 24%.
How a Global Pandemic Increased the Need for Endpoint Security
Endpoint device protection – also known as endpoint security – refers to the security measures taken to address threats faced by network endpoints, which are devices such as servers, workstations, laptops, and mobile devices. Endpoints pose a significant security risk because they have access to both the central server and the outside world. Thus, any flaw or gap in their security can lead to loss of crucial data from the server.
As the pandemic has accelerated the adoption of a work-from-home workforce, organizations have had to make access to data easier, including the use of bring-your-own-device policies or remote access. While these changes have been necessary, they come with a cost, with those costs being the potential security threats that can take down your entire network.
The use of insecure home and public Wi-Fi networks coupled with personal smart phones, laptops, and other portable media makes the typical enterprise network security perimeter more prone to threats than ever.
Endpoint Vulnerabilities are Widespread and Rampant
Despite this, a Ponemon Institute study titled, The Cost Of Insecure Endpoints, revealed major vulnerabilities in protecting endpoints. Although this study was conducted in 2017, we submit that its findings are even more relevant today when considering the cybersecurity climate we find ourselves in. Among the survey results:
- 63% of companies can’t monitor off-network endpoints.
- 55% of vulnerable endpoints contain sensitive data.
- 70% report a “below average” ability to minimize endpoint failure damages.
- 36% of endpoints fail compliance.
- 50% of companies require 35+ full-time employees to manage endpoints.
- 425 hours are wasted weekly on false security alerts.
An Easy Tactic for Endpoint Hardening
To protect your organization from data breach that originates on an endpoint, IDC Research suggests that organizations harden their endpoints. This makes sense, and a simple and cost-effective way to harden your endpoints is to lock down all of your organization’s open computer and network ports so that peripheral devices carried from home – which could be carrying a Petri dish of viruses – cannot be connected at the office.
The cost of this endpoint hardening tactic is minimal – especially when comparing it to the average cost of a data breach.
USB port locks, network module locks, LAN cable locks, and secure USB hubs for your attached USB devices are inexpensive devices that can prevent employees from connecting their USB flash drives, external hard drives, and anything else you can imagine to your computers and/or your network. Physically securing your perimeter is a surefire way to protect your endpoints not only from malicious insider attacks, but also from innocent and non-wary employees who are just trying to do their jobs under the new constraints of a work-from-home society.