The key challenges of endpoint security

January 11, 2022
| Stay Safe

The rise of hybrid working has forever changed how businesses view their endpoint security posture. With employees working between multiple locations, the risk of data breaches, cyberattacks and network intrusion has grown exponentially. Hybrid work also makes it more difficult for IT teams to ensure employees are following best practices to avoid an attack. As a result, endpoint security has become a high priority for many businesses.

Below we explore what endpoint security is, the security challenges organisations face, and best practice for securing your networks, apps and data.

What is endpoint security?

An endpoint is any device that is connected to a network or IT system. This includes laptops, mobile phones, desktops, IoT devices, servers and virtual environments. Endpoint security is important as they are key vulnerability points of entry for cybercriminals. If a hacker gains access to an endpoint and executes malicious code, they can potentially access private data or launch a larger attack.

In the past, endpoint security was primarily focused on antivirus solutions, but as the threat landscape has changed, the scope for endpoint security has broadened, with an emphasis on user behaviour.

Constantly expanding attack surface

As technology evolves, organisations and their employees are using more devices either in a work capacity or on a corporate network. In the past, cybercriminals had a handful of endpoints they could target, including desktops, network devices, printers, and servers. For businesses, this meant that if these devices were secure, the chance of a successful attack was relatively low.

In 2022, this attack surface has greatly increased with devices such as virtualised servers, personal laptops and phones, IoT devices, smart environmental controls and even wearable technologies, such as smart watches and fitness trackers. All these endpoints are now targetable by hackers, and it is difficult for an IT team to manage the sheer volume of devices. As new technologies are introduced into the market, this attack surface will continue to expand, putting businesses at risk of a cyberattack.

Understand your organisation’s current risk level, get a Cyber Security Posture Assessment here >

Endpoint security and hybrid workforces

The advent of remote and hybrid work has many benefits for business leaders and employees; however it poses a unique challenge for endpoint security. With employees working in different geolocations, it means they need to connect to a corporate network through other means, which also expands the attack surface.

If employees are connecting to IT systems through a hotspot or public WiFi, it opens the door to a potential man-in-the-middle attack. This form of attack is where a cybercriminal uses malicious software that allows them to intercept all traffic between an endpoint and a corporate network. Through eavesdropping on this information, they may be able to launch an attack, or even gain access to the corporate network via the endpoint device.

BYOD and mobile devices

Many organisations have sanctioned a bring your own device (BYOD) programme, as it saves the business money, whilst increasing productivity for employees. Although BYOD has many benefits, it carries a potential security risk. If employees are using older devices that do not receive security updates, they become an easy target for cybercriminals to exploit software vulnerabilities. Similarly, if an employee loses their device, or has it stolen, it puts the local device at risk of a data breach, as well as the corporate network, if they have their passwords saved.

Shadow IT

Shadow IT is the use of IT hardware or software used by a department or individual without the knowledge of the IT department or IT/security provider. This software may include cloud services or applications that departments use to increase productivity or to solve shortcomings of the provided software. The risk of using unauthorised software is that it may have a vulnerability that could lead to an attack on networks or systems. Similarly, if employees use unauthorised file sharing platforms, it puts customer data at risk of a data breach.

Best practices for endpoint security

To keep your organisation safe and to develop an effective endpoint security policy, here are five endpoint security best practices to consider.

Inventory audit of all devices: it is essential to get full visibility of all endpoint devices connecting to corporate applications and data. Invest resources in identifying devices connecting to the corporate network, or integrating with cloud applications.
Device profiling: by understanding how endpoints operate, the data they collect and share and how software is updated on each endpoint, you can access the security risks and decide on appropriate controls for each.
Device security: what security products are already deployed, and what are available to protect your organisation? Develop plans for different devices based on device profiling and also ownership of the device. Employee-owned devices may require different security products to corporate devices.
Adopt zero trust principles: the zero-trust principle of “never trust, always verify” is critical for securing multiple endpoints. No user or endpoint should be automatically trusted, all requests must be authenticated and authorised. This verification is based on all data points, including user identity, device health, service or workload, classification, and anomalies.
Educate end users: ensuring end users, particularly those using their own devices, support your endpoint security policy, raise awareness of the threats and the measures in place to protect the network and data. When end users understand why they can only access applications or data in a specific way, or why you want to install new software on their device, they are more likely to comply.

For IT teams to effectively secure endpoints, they require complete visibility over who is connecting to a network, from which device, for what use, and all associated traffic. Putting in place a robust endpoint security policy will help you manage access more effectively and keep your organisation and people safe.

If you have any questions or require more support to implement an endpoint security strategy, please get in touch with our team.

08456 808538 hello@cloudbusiness.com

Cookie	Duration	Description
__cfruid	session	This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic.
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
__RequestVerificationToken	session	This cookie is set by web application built in ASP.NET MVC Technologies. This is an anti-forgery cookie used for preventing cross site request forgery attacks.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
JSESSIONID	session	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
MS0	30 minutes	No description available.
MSFPC	1 year	No description available.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hstc	1 year 24 days	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
__lotl	5 months 27 days	This cookie is set by the provider Lucky Orange. This cookie is used to identify the traffic source URL of the visitor's orginal referrer, if there is any.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_lo_uid	2 years	This cookie is set by the provider Lucky Orange. This cookie shows the unique identifier for the visitor.
_lo_v	1 year	This cookie is set by the provider Lucky Orange. This cookie is used to show the total number of visitor's visits.
_lorid	10 minutes	This cookie is set by the provider Lucky Orange. This cookie is used to identify the ID of the visitors current recording.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
ANONCHK	10 minutes	This cookie is used for storing the session ID for a user. This cookie ensures that clicks from advertisement on the Bing search engine are verified and it is used for reporting purposes and for personalization.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
MUID	1 year 24 days	Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_gd1624628211813	session	No description
AADNonce.forms	session	No description available.
CONSENT	16 years 6 months 6 days 10 hours 23 minutes	No description
DcLcid	3 months	No description available.
GetLocalTimeZone	session	No description
lfuuid	9 years 7 months 6 days 10 hours 24 minutes	No description available.
MC1	1 year	No description available.
SM	session	No description available.
SRM_B	1 year 24 days	No description available.
yt-remote-connected-devices	never	No description available.
yt-remote-device-id	never	No description available.

The key challenges of endpoint security