As security perimeters dissolve, protecting endpoints is critical to thwarting cyber-attacks
From desktop computers to printers to routers, the sheer number of endpoints that need cyber protection in a business can be a full-time job for an IT department.
Add in the exploding number of poorly secured mobile and Internet of Things (IoT) devices accessing company networks, the rise of BYOD (Bring Your Own Device), and remote working policies and it’s no wonder that securing endpoints has become even more mission-critical to cybersecurity.
Any computer hardware device that connects to a company network and the Internet is a potential entry point for threats. Data-stealing trojans, ransomware, zero-day attacks, and DDoS malware are just a few of the ways attackers are taking aim at companies through their vulnerable endpoints.
It’s much easier for hackers to get an unsuspecting employee to click on a malware link that pops up on their laptop than to try and break through a secure firewall. The malware can infiltrate the entire enterprise network from the infected endpoint, giving attackers unfettered access to sensitive corporate and personal data.
Endpoints that access the network remotely are even riskier; even the best firewalls and controls become useless when your internal network is extended beyond its perimeter security systems. A centralized security solution is no longer enough for the poorly-defined perimeter that exists in today’s digital landscape. And the current array of disjointed endpoint protection strategies can struggle to mesh with existing IT infrastructure.
Intelligently manage threats
Companies are scrambling to find a solution that scales and can work in multiple environments. Cybersecurity industry leader CyberGuard360 is filling this void with CyberGlass, a groundbreaking new product that is the first to combine endpoint and centralized security measures – along with all of the other elements of a complete cybersecurity program – into a single, actionable suite.
Beyond simply controlling access, CyberGlass’s next-generation endpoint security tools can also monitor and block risky or malicious activities before they slip inside a company network. CyberGuard360 partnered with Sophos to run its top-rated Advanced Endpoint Protection and Intercept X products natively with CyberGlass. Consistently beating the competition for next-gen protection, Sophos ranked first in both the enterprise and small business endpoint protection categories in the April-June 2018 SE Labs Endpoint Protection Test report.
But CyberGlass’ protections don’t stop with this award-winning endpoint security. It advances beyond alerting and reporting with the ability to intelligently manage and control threats. CyberGlass also buttresses the Sophos products by ensuring that every endpoint’s operating system and third-party applications are up-to-date and protected.
4 critical protections
In this first installment of our two-part series on CyberGlass’s endpoint security protections, let’s take a look at some of the critical ways this platform can protect your company’s endpoints from cybercrime:
- Anti-virus, anti-malware, and anti-ransomware capabilities. Today’s corporate leadership demands high productivity. Not only are employees typically uneducated in best security practices, but they are often too hurried and distracted to pause before clicking on a suspicious email link or accepting a malicious update request. More than 90 percent of cyber-attacks begin with a spear phishing email, which uses the compromised endpoint to infect an entire organization with ransomware, Cybersecurity Ventures reports.Nearly 60 percent of malware attack victims are small businesses. Cybersecurity Ventures predicts that companies will suffer a ransomware attack every 14 seconds by the end of 2019.
To combat this weakness, CyberGlass relies on Sophos’s next-gen anti-exploit technology that stops threats before they become an issue. It detects spontaneous malicious data encryption to stop ransomware in its tracks and can also restore deleted or encrypted files through rollbacks.
Its anti-malware goes far beyond signature-based prevention of known threats. It correlates suspicious behaviors and activities using real-time threat intelligence, recognizing and blocking common malware delivery techniques. It also monitors endpoints for behaviors that may signal the presence of a new, unknown malware, including command-and-control traffic and unexpected system changes.
The result is fewer infected computers and better protection against data breaches. CyberGlass also enables companies to harden their security posture with root-cause analysis that provides insight into vulnerabilities that pave the way for attacks. It provides a detailed map of how any infection occurs, from where the infection came from on the Internet to which file was infected to what the infected file tried to accomplish.
- Patches and updates. Software vulnerabilities are discovered all the time, and hackers are constantly trolling for businesses that give them easy access by failing to patch problems. CSO Online asserts that 25 percent of people failed to apply the latest patch to their endpoint after a month – and another 25 percent never applied it at all.Automated patch updates are also imperfect, as the automation can break down and fail to ensure consistent updates. BYOD policies further complicate matters, as many organizations simply trust that employees are keeping their endpoints updated. As a result, more than 80 percent of breaches are caused by poor patch management.
CyberGlass vigilantly ensures that operating systems and third-party applications on endpoints that connect to the network are up-to-date, with all security patches issued by manufacturers fully applied.
- Data encryption. Today’s mobile workforce can work anywhere. But with freedom comes a heightened risk of data breaches through lost or stolen devices or employees who carelessly compromise their endpoints by accessing unsecured Wi-Fi networks in public places.CyberGlass’s encryption is a vital component of its endpoint security. It protects the data on the devices themselves and during transmission, keeping malicious actors from being able to copy or otherwise transfer sensitive information. It also protects the operating system and applications, as well as individual folders, files, and removable storage devices such as CDs and USB drives.
- Access Control Limits. CyberGlass’s logging-enabled access control lists (ACLs) provide insight into traffic as it travels across a company network or is dropped by a network device. While not as robust as firewalls, they serve as network filters for devices like routers and switches where line rate speed is important – playing a critical function by permitting and restricting data flows into and out of network interfaces.ACLs tell computer operating systems which access rights each user has to a particular part of the system, including file directories or individual files. The list also defines privileges for each user, such as the ability to read, write, or execute files.
ACLs log informational messages about packets they permit or deny. In addition, they restrict updates for routing from network peers and are important for setting flow control for network traffic.
With the soaring popularity of remote work, BYOD practices, and mobile devices, the need for an effective and flexible endpoint security system is critical for keeping safe. Stay tuned for the next installment of our two-part series on how CyberGuard360’s groundbreaking CyberGlass product enables companies to connect its endpoints with confidence.
To learn more about the full suite of features in CyberGlass, call us at 844-315-9882 or use our contact form for a free consultation.