Expert worry over weak endpoint security as firms encourage remote working

Cybersecurity. Photo: CSO

By Chike Onwuegbuchi

As part of the new normal, organisations are encouraging their workers to work remotely even beyond the lockdown period; this comes with some security challenges especially at the endpoint. Sultan Sanusi, cybersecurity specialist for Cisco, speaking at a webinar organised by Cisco on ‘Cybersecurity and Remote work’, explained that the adoption of remote work before now in Nigeria was five per cent, but with COVID, a lot of organisations have adopted remote work which introduces security concerns different from on-premise environment.
“Organisations normally deployed perimeter solutions in their office working environment that secure the organisations’ network. But now, most of the users are sitting at home perimeter has gone home and individual laptops are now the new perimeter. New tools have been introduced and sharing of information is off the company’s network.
“A lot of companies did not budget for remote work solutions hence having to do with what they have or what they can get for free for a limited period. Organisations have lost control of the security of their network. They don’t know who is coming in and what they are accessing both on-premise and in the cloud,” he said.
He noted that most Hackers these days don’t hack users rather they hack users’ devices. “One of the key things in securing the remote worker is an endpoint, which is where most activities are carried out. You need to secure the devices that individuals are coming in with, whether it is corporate-issued device or device own by the user, you need to know what kind of devices is coming into the environment and therefore need to have multiple layer of security at the endpoint,” he said.
Elsewhere Chris Buchanan, client solutions director at Dell EMC, says protecting the organisation’s data is not just good business practice, it’s also critical for protecting its reputation.
“Most people would not do business with an organisation that has a reputation for sharing their personal information. That is why encrypting sensitive data is a critical first step.”
He added that businesses often believe they are covered if they have an anti-virus solution. “Unfortunately, that is no longer true. Traditional anti-virus products are only able to address half the virus threats out there and are not equipped to fight zero-day attacks at all.
Corroborating Buchanan on endpoint weakness, William Makatiani, managing director, Serianu, said that the percentage goes higher for newer attacks like ransomware and phishing.
“Endpoint security has become so critical in the fight against cyber-attacks because cybercriminals have identified end-users as the weakest link. It is much easier to successfully attack and infect multiple end-users than it is to attack a critical server. End users also seem to ignore basic cyber hygiene – hence the attractiveness.
“Simple, secure every single device and continuously monitor to ensure the expected secure profile is maintained. The challenge is the ability to get end users to adhere to the required security profile. As such continuous monitoring and exclusion of infected devices helps to reduce infection.
“Always use technology to scan/review the security posture of end-user devices before allowing them to access critical organisational data. There newer technologies that can be used to prevent/detect/isolate insecure endpoints,” Makatian said.
On the role of internet service providers (ISPs) in the fight against cyber-attacks, Makatiani said that Internet service providers have several roles to play in the fight against cyber-attacks.
“The first obvious role is continuous monitoring of the big pipes that deliver internet to organizations and individuals. Since they control these pipes and most attacks can be detected at the pipe level. It is possible to monitor ISP traffic and detect abnormal activities or traffic.
“ISP’s have a role to play in the general user awareness which increases user alertness.
“ISP can provide cheaper solutions as part of their provision of connectivity to their customers. Most cybersecurity solutions are expensive when purchased independently but as a service provider this can be reduced,” he stated.
On way forward for organisations on endpoint security, Buchanan said: “To protect the company’s data, a data-centric encryption product that can be audited and managed centrally is much less intrusive, faster and easier to manage than the traditional full disc encryption solutions.
“To protect against modern threats and attacks, a threat defence anti-virus should replace the traditional anti-virus solution.”