Endpoint Security Matters More Than You Think
When it comes to security breaches, it’s common to think about centralized servers and databases. However, the endpoint devices in networks are often more at risk of security problems, and hacks on seemingly inconsequential devices can eventually lead to critical data being stolen.
While servers and databases often handle a large volume of traffic, they typically handle it through limited interfaces. This more limited approach reduces potential attack vectors, providing some extra security. Endpoint devices, on the other hand, aren’t always closed off as much, meaning malicious actors have more potential venues for exploiting them. Ensuring devices have appropriate firewalls and are only used in an approved manner can help reduce this risk, but endpoint devices can be difficult to secure.
More Attack Options
Managing endpoints is becoming more important for at least one important reason: There are more endpoints than ever before. Smart devices that connect to networks serve as potential attack vectors, and the bring-your-own-device idea means keeping track of individual devices can be all but impossible. Office peripherals can also be compromised; even an office printer can serve as the beginning of an costly attack. With the Internet of Things catching on, the number of endpoints in a typical network is expected to increase dramatically.
It’s important to limit the amount of important company and personal data on endpoint devices, as doing so can reduce harm if a device is compromised or even physically stolen. However, attacks can lead to escalation quickly, especially if it’s not detected promptly. Key-loggers can detect passwords and other sensitive information, and hackers can use this information to access servers and databases. Compromised printers and other office equipment can also lead to spying, potentially unveiling critical company data.
Basic Security Practices
Endpoint security starts where other security practices start: Password management and avoiding dangerous programs. Employees need to know how to create strong passwords to prevent easy access to their devices. Furthermore, employees must know their responsibilities when using devices that connect to company networks. Top-down security is critical as well, so ensure your company uses permission management to limit the damage that can be done by compromised endpoint devices.
Attacks on endpoint devices are becoming more sophisticated, and some attacks infiltrate a computer’s BIOS or other basic hardware or firmware. When comparing end devices, it’s worth looking into advanced technologies that prevent such intrusions. HP protects their hardware with proprietary SureStart technology, which detects BIOS intrusions and prevents them from running malicious code. Such technologies can help prevent long-term attacks on endpoint devices. We spoke to George Brasher, HP’s UK&I MD about best practice endpoint security recently, watch at the top of the page.
How Much Control?
Perhaps the most challenging aspect of running modern IT services is determining what devices can access networks. It’s tempting to let employees access networks and cloud platforms using their own devices, but some of the devices used to access the network will almost certainly be compromised. Another option is to provide users with devices to access the network; this provides interior control, but it also means policing employees to ensure they aren’t misusing their devices. Regardless of which option a company chooses, it’s essential that all employees know their responsibilities and understand the consequences of failing to follow rules.
Major hacks often involve large databases or centralized servers. However, many of these attacks started on more vulnerable devices within the network, including endpoint devices. When looking at network security, it’s important to take a holistic view and ensure all elements, from servers to endpoint devices, are properly secured.
Earlier this year HP released The Wolf, a series of short films warning businesses about potential endpoint security weak spots. It stars Christian Slater, is directed by the acclaimed Lance Acord and is frankly pretty awesome. Watch it here.