Data Security Experts Answer: What is the Biggest Misconception Companies Have About Endpoint Security & Protection Tools?
27 data security experts dispel some of the biggest myths about endpoint security solutions.
Endpoint security is a method of protecting a central corporate network when it is being accessed through remote devices, or endpoints, such as PCs, laptops and other wireless mobile devices.
And while endpoint security is a concept that isn't exactly new by any means - most information security professionals understand the implications of it pretty well - it is becoming more complex in its application due to the broadening of many company BYOD policies and the increasing number of employees and authorized users being allowed to log in remotely to corporate networks.
As the market for endpoint security solutions continues to change and grow, we wanted identify some of the commonly misunderstood topics of endpoint security and endpoint protection tools. More specifically, we wanted to gain advice from data security experts about what they would consider to be some of the biggest misconceptions companies have about endpoint security and protection tools. To do this, we asked 27 data security experts to answer this question:
"What's the biggest misconception companies have about endpoint security/protection tools?"
We've collected and compiled their expert advice into this comprehensive guide to understanding tools for endpoint security and protection. See what our experts said below:
Meet Our Panel of Data Security Experts:
Joseph Steinberg, CISSP, ISSAP, ISSMP, CSSLP, is an expert on cybersecurity, privacy, and related matters, who is frequently sought after as a consultant, media commentator, expert witness, and advisor. He has helped businesses, the government, and VIPs stay digitally secure. He is one of only 28 people worldwide to hold the four information-security certifications, CISSP, ISSAP, ISSMP, and CSSLP (as of November 2014) and has nearly two decades of experience in the information security industry. His inventions are cited in nearly a hundred published patents. He has authored multiple books on information security and currently writes a cybersecurity thought-leadership column for Forbes. He also is presently the editor of the official (ISC)2 textbook on info-security management. Learn more about Joseph and his work at www.JosephSteinberg.com.
Three significant errors that firms make with endpoint security tools are:
- Failing to deploy them to all endpoints – for example, any smartphone or tablet that attaches to a corporate network is an endpoint, and must be secured. If people VPN in to the organization from remote locations, their devices become endpoints as well.
- Believing that endpoint security products can keep endpoints secure with technology, and therefore skimping on actual security policies, procedures, and training. No technology can deliver security if people undermine it.
- Failing to properly incorporate endpoint security into an overall security program. Ad-hoc security is no longer sufficient; failure to properly design an overall program is going to leave holes that can – and likely will -- be exploited by nefarious parties.
Stu Sjouwerman is the Founder and CEO of KnowBe4, LLC. An IT Security expert with 30+ years in the industry, Sjouwerman (pronounced shower-man) was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software developer that was acquired in 2010 by GFI Software, a portfolio company of Insight Partners. Realizing that the end-user is the weak link in IT security and this being seriously neglected, Stu decided to partner with famous former hacker Kevin Mitnick and help IT pros to tackle cybercrime tactics utilizing New School Security Awareness Training combined with regular simulated phishing attacks. Sjouwerman is the author of four IT books, with his latest being "Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008".
The biggest misconception companies have about endpoint security/protection tools is that...
Antivirus products are adequate at making malware signatures.
The traditional endpoint security/malicious software detection approach is far from being sufficient, especially in corporate environments. More and more it is being found that antivirus products can take months before adding the algorithms to recognize the more complex threats, leaving endpoints unprotected.
A recent study from Damballa, a security company offering solutions against advanced cyber threats, revealed that malware could spend as much as six months on a system before it is identified using signature-based detection.
Damballa's CTO Brian Foster said: For years now the industry has discussed the declining effectiveness of preventative controls like antivirus, firewalls and IPS. These technologies simply do not work against polymorphic malware, which is used by nearly all of today's advanced attacks. And yet RSA estimates that most organizations still spend about 80% of their security budgets on prevention technologies.
Damballa wanted to demonstrate the limitations of a prevention-centered approach to malicious software. They analyzed a sample set of tens-of-thousands of files sent to them by their customers.The files detected as malicious by their own Failsafe system were also scanned by the four most commonly deployed antivirus products. Here's what they found:
- Within the first hour, the antivirus products missed nearly 70% of the malware
- After 24 hours, still only 66% of the files were identified as malicious
- At the seven-day mark, the accumulated total was 72%
- After one month, 93% of the files were identified as malicious
- More than six months passed before 100% of the malicious files were identified malware-alerts-per-week
A 2015 Ponemon Institute report shows that the average enterprise gets 17,000 malware alerts weekly, or 2,430 daily, from IT security products. Based on the Damballa study you can do the easy math; antivirus products miss 796 malicious files on Day One.
And now combine the data from Damballa, RSA and Ponemon. You come to the shocking discovery that 80% of the security budget is spent on controls that are missing 796 malicious files a day.
Many of these infections are caused by end-users who click on a malicious ad, click a bad link or open an infected attachment.
We all have limited budget and manpower. Nobody can afford to dedicate the majority of their budget to failing controls. You need to defend your networks in depth, and get proactive instead of continuing to run around putting out fires.
The very first step in getting proactive is deploying effective security awareness training combined with simulated phishing attacks. Prevention that really works is more important than ever, and end-user education gives you the best bang for your budget buck, but you also need to put greater emphasis on deeper defense-in-depth levels with detection and response. If you can reduce the time between the initial infection and its discovery and remediation, you reduce your risk of damage.
Scott Dujmovich is a part owner of Golden Tech, an IT Solutions provider with offices located in Indiana and Southwest Florida. The firm's target clients are in the healthcare and financial service industries, but on a larger scale, they service a wide range of small-to-medium sized businesses by crafting and managing solutions from network and IT infrastructure, mobile device, cloud backup, and business continuity solutions to disaster recovery solutions.
A big misconception companies have about endpoint protection is...
They think just because they may have a corporate antivirus installed, it means their business is fully protected.
The truth of the matter is that antivirus protection is becoming more and more irrelevant in terms of protecting networks against a breach. By the very nature of their design, antivirus solutions are reactive, and are only a small and supplemental tool in keeping a network secure. One of the best things a business can do is have a plan in place for a "what if" breach scenario.
To achieve endpoint security, it's important to consider implementing a Backup and Disaster Recovery solution to quickly recover if a breach were to occur. This plan should include measures to keep the network secure while still allowing telecommuters to productively work out of the office. A business is never too small to have a plan to address network breaches.
Dr. Engin Kirda
Dr. Engin Kirda is Co-Founder and Chief Architect at Lastline, a software-based security breach detection platform, as well as cybersecurity research professor at Northeastern University.
The biggest misconception companies have about endpoint security protection is...
That it can operate in a vacuum, without input from or output to other security tools.
Endpoints are an increasingly exploited threat vector, but often the exploits reveal themselves to security scanners downstream within network traffic or objects. Companies need automated end-to-end network and endpoint security across web, email, files and applications in order to have comprehensive visibility into indicators of compromise and malware stemming from endpoints.
Chris Cardillo is the VP of Technology and Marketing for Cloud Grid Networks, a provider of tier 1 Infrastructure as a Service to businesses in the Southeast Region of the US.
The biggest misconception with endpoint security, and security in general, is that...
The Firewall or Antivirus will protect your whole computer system from hackers and loss of data.
Users are a key concern in security flaws. Most of the emails that contain links to payloads are engineered for humans to take actions which will circumvent security implementations and that will open the network to all sorts of attacks. You must look at training users, and implementing a program of testing users and grading them on their behaviors.
In one instance we created a fake website and sent an email to test users' abilities to discern an attack from a real website. We would use these examples in follow up security trainings and then let them know who and when and where they failed. Making users part of the security solution will fix the weakest link in security today.
Julian Weinberger, CISSP, is Director of Systems Engineering, at NCP engineering, based in Mountain View, California. Julian is an information security expert with expertise in the areas of SSL-VPN, IPsec, PKI and firewalls. At NCP engineering, he develops IT network security solutions and business strategies.
The biggest misconception about endpoint security/protection tools is that...
Endpoint security/protection tools slow down or interrupt workflow, or prevent users from doing certain tasks.
These effects are typically a result of bad implementation of the endpoint security/protection tools rather than the tool itself. If the tools are implemented correctly, the necessary level of security will be provided without affecting the workflow or user productivity. Of course, proper implementation requires having an administrator that is aware of what a user needs to access in order to do his or her job. This information is usually established and documented based on the security policies of the enterprise.
Phil LaCorte is the Manager of IT Operations for Golden Tech in Northwest Indiana. He has been head of the IT Department of this IT Solutions company for just over one year with over eight years of experience in the technical field.
The biggest misconception companies have about endpoint security/protection tools is that...
They gloss over the word endpoint and focus on the word protection.
To illustrate this, consider how ridiculous it would be for a bank to lock its outer doors every night while leaving the vault wide open. Financial institutions don't make this mistake; instead, they implement layer after layer of protection to ensure the security of their assets. A layered approach to IT security is also the only effective one and consists of multiple varied elements, such as network perimeter security, strong password policies, effective end user education, data access logging, and above all, a disaster recovery solution.
Mike Meikle is a Partner at SecureHIM, a security consulting and education company that provides cyber security training for clients on topics such as data privacy and how to minimize the risk of data breaches. He has worked within the Information Technology and Security fields for over fifteen years and speaks nationally on Risk Management, Governance and Security topics. He has presented for Intel, McAfee, Financial Times, HIMSS and for other Fortune 500 companies and is also published writer with articles that have appeared in American Medical News, CNBC, CIO Magazine , Los Angeles Times and Chicago Tribune. He holds a Certified Information Systems Security Professional (CISSP), a Project Management Professional (PMP) and Six Sigma Green Belt.
To address a few big misconceptions that companies have about endpoint security tools:
- Endpoint protection must have appropriately configured policies to effective. Lax endpoint protection policies equal far less protection against aggressive malware.
- Endpoint protection must be monitored from a central server. Trained security personnel must follow up on suspicious activity reported by the endpoint software. You would be surprised how often this is not the case.
- Endpoint protection is not a panacea for poor patching practices on the end user devices. Devices that lag behind in patching can be easily compromised by malicious software. There are too many zero-day and known vulnerabilities for antivirus/malware software to effectively protect against.
- Employees can often subvert enterprise endpoint protection by uninstalling the software or killing processes depending upon what policies are in place. Also, employees can respond to phishing emails that immediately bypass endpoint protection by cloaking malicious processes inside legitimate ones.
Alexander Kernishniuk is the CEO of MacKeeper, a product of Kromtech Alliance Corp, which is a utility software suite for Mac OS X advertised to optimize, clean and secure a computer system.
As a large company, managing our security at the highest level is the most important issue. Disregarding your company's security may lead to data theft, targeted attacks and other forms of network intrusions. Cybercrime technologies are constantly evolving and that is why the most important part of our job is staying up to date. But at the same time, we think that a main misconception about endpoint protection tools is that...
There is only one factor that affects your security and only one way to resolve all security issues.
Certainly it is important to choose a trustworthy security provider and make sure that all range of endpoints are protected (including servers, workstations, gateways, exchange servers and storage devices). But, the most unpredictable issue is the human factor. Even though endpoint security provides a lot of barriers against external threats, no one is protected from data loss from employee-owned devices.
Therefore, we recommend that employees personally should be responsible for their computer security.
To protect computers on the user-level we suggest a complex method that includes much more than overall anti-virus protection and internet security. Employees should not forget either about offline activity when they store important corporate data on their personal devices. It is very important to encrypt private files and use backups to prevent from data loss. In addition, it is not enough just to delete data that you've saved, we recommend using a data shredder to remove data off of devices so that data cannot be recovered. Finally, nobody is safe when it comes to laptop theft. It is a good option to install anti-theft on the computer and be sure that it will be recovered.
We think that while companies should choose a high level of protection to make their businesses safe, it is equally important for employees to choose the best security options for their computers and devices.
Thomas Quinlan is a Security Expert who has more than 30 years of experience (16 professionally) with technology, with extensive experience in network and application security, electronic discovery, digital forensics, and malware analysis. He has held positions at several technology companies, in charge of large scale eDiscovery projects, forensic investigations, and network and application security for some of the internet's largest on-line applications. His work has also allowed him to help companies with ICS/SCADA/PLC environments become more secure. He is certified in Computer Security (CISSP), Digital Forensics (CCFP), and Malware Reverse Engineering (GREM).He serves as a member of the Editorial Advisory Panel for Linux Journal, and speaks regularly on topics related to security, investigation, and analysis. Learn more about Thomas and connect with him on LinkedIn.
The biggest misconception people have about endpoints is...
That they have an idea of what their endpoints really are.
They presume because they have lock-downs in terms of software or that they're keeping things patched that they have full control. They don't. There will always be exceptions (CXOs for example) and even if there weren't, unless they have under five users they are going to always be one step behind the zero-day exploits and social engineering. There's little to nothing that can be done about this.
The security industry has rightly taught defense-in-depth & blocking. However, too many companies rely solely on that concept, and aren't prepared for what happens when something is breached. That breach, when it happens, will take place because someone got through to an endpoint - whether through exploitation of the software or the human. Companies should presume breaches will occur, and move to a continuous monitoring cycle to augment their defense in depth posture.
Michael Hall is the Chief Information Security Officer (CISO) and Director of eDiscovery and Digital Forensics at DriveSavers. In his leadership role, Michael directs and implements policies and procedures concerning the privacy and security of all data received at DriveSavers, including highly critical data from government agencies, major corporations and research laboratories. He was instrumental in helping NIST, FDIC, OTS and BITS identify the risks of improper screening of data recovery providers.
The biggest misconception about endpoint security is that...
Only large companies need security and protection tools because those are the kind of companies that get the biggest splash in the news. Think Target, Home Depot, eBay, and Anthem.
Most don't realize the Target breach actually occurred when an employee of a small HVAC company opened a malware-laced email, allowing the HVAC company's system to be hacked. It just so happened that this particular company was contracted with one of the Target stores and had remote access for a limited timely solely for maintenance purposes. This allowed the hackers to worm their way into gathering more than 40 million debit and credit card numbers from Target's point of sale (POS) system - they hit the jackpot.
Regardless of size, all businesses should at minimum have a secure website, use encryption, update and patch regularly, use effective passwords, implement a company-wide social media policy, have a defense-in-depth strategy, secure all devices and backup.
James Walker is a Systems Engineer at Golden Tech. James has been in the Information Technology business for over twenty years, with endpoint security/protection as a major focus for over ten years.
I would say the biggest misconception that companies, and people in general, have, is that...
As long as they have an antivirus product installed, they are safe from all forms of malware.
First, the antivirus program must be kept up to date with regular signature updates. Also, regularly scheduled scans should be maintained. Then there's the false sense of security. If, for example, the servers and workstations are Microsoft Windows-based, they need monthly security updates to the operating system. Add to this the fact that endpoint security/protection entails much more than just antivirus, (e.g. anti-spyware, firewalls, intrusion detection/prevention, etc.), and you'll begin to understand why companies need an expert on endpoint security/protection in their corner.
Carlos Pelaez is the National Practice Leader for Coalfire Systems Inc., a cyber security firm. He leads Coalfire's practice area focused on serving Service Organizations and Internal Audit departments, and provides the framework and methodology to local audit teams so that they may be well equipped to validate compliance and cyber security needs for cloud based solutions.
The biggest misconception companies have about endpoint security is...
That this will put them out of scope for compliance and other audits.
Companies often believe that this security reduces their network traffic footprint to such a degree that there is no risk. There is still plenty of risk and companies still have to go through audits and be compliant. Endpoint security is a great tool, but not the panacea that marketers often times promote.
Paul Kubler is a Cyber Security and Digital Forensics Examiner at LIFARS LLC, an international cybersecurity and digital forensics firm. He's a former employee at Boeing, in the Global Network Architecture division, the nation's largest private cyberattack target. He previously worked at the Flushing Bank, in Network and Systems Infrastructure, protecting valuable financial data at various levels within the network and system. With several years of experience in cybersecurity and digital forensics, he conducted a wide range of investigations, including data breached through computer intrusions, theft of intellectual property, and computer hacking. He belongs to several industry groups, including the High Technology Crime Investigation Association (HTCIA) and the Long Island Association of Information Technology Professionals (LI-AITP). He is a Certified Cisco Network Associate (CCNA), AccessData Certified Examiner (ACE) and a Kaspersky Labs Certified Sales Engineer. He also holds a Security+ certification from CompTIA.
The biggest misconception companies have regarding endpoint security/protection tools is that...
This solution will always work without any maintenance.
The AV usually keeps an up-to-date database of signatures that will maintain the endpoint, but this is not all that needs to be done. Usually there are initial configurations to optimize the endpoint per site that most staffs forget to do. They also don't ensure that new devices get protected, and that old devices are receiving the updates. Frequently things change and this can desync an AV from the server. The server should be updated regularly as well. Endpoint protection won't catch everything, but it can do better than the out-of-the-box with a little upkeep. As long as the IT staff stays on their toes, and maintains a tight security perimeter, the endpoint protection will work well.
Cesar Cerrudo is the CTO for IOActive Labs, where he leads the team in producing ongoing, cutting-edge research in the areas of SCADA, mobile device, application security, and more. Formerly the founder and CEO of Argeniss Consulting - which was acquired by IOActive - Cesar is a world-renowned security researcher and specialist in application security.
I think one of the biggest misconceptions about endpoint security is that...
It will protect you from all attacks and after you implement it your are free of threats.
Companies need to fine tune these tools to meet their needs. However, after implementing the solution according to their needs, they find that there are so many functions removed/disabled that it no longer provides much protection. Something else to consider is that sometimes these solutions have vulnerabilities which could allow an attacker to hack your business systems. Endpoint security should be just another layer of security at your company not the catch all/protect all solution.
Robert C. Covington
Robert C. Covington is the President of togoCIO.
In my experience, the biggest misconception about endpoint security and protection tools is...
That they can be setup and forgotten.
The best protection devices and software on the market today will quickly become worthless without maintenance and attention. All such products require periodic updates, review of logs, and adjustments to settings. As an example, a firewall may work quite well on its first day of operation, but without firmware updates and revised signature files, its effectiveness will quickly diminish over time.
I use the term "defaultware" to refer to products that users assume they can purchase and forget. In order to combat this, organizations must:
- Review logs periodically to look for issues, attempted attacks, etc;
- Monitor available firmware versions regularly, and update as necessary;
- Periodically confirm that updated signature files are being successfully applied.
As an example, I was recently called to a medical office to look at security concerns related to a PC in one of the exam rooms. The PC, which had access to a web-based Electronic Medical Records system with the password pre-entered, had a large number of infections, which had apparently been present for some time. The PC had one of the top anti-malware products available, but one of the malware items had disabled updates. Had the user performed a periodic check to confirm that new signature files were being received, they would have quickly spotted the issue.
Markus Milsted is the Founder and CEO of Omlis, a global mobile payment solutions provider bringing market proven, highly powerful, differentiated and most effective solutions to all mobile commerce security. Omlis provides completely secure, unique and uncompromised technology with 100% fault-tolerant tracking of all payments in real-time for full transaction accountability.
One of the biggest misconceptions companies have about endpoint security/protection tools is...
They are safe to rely on an SSL (Secure Sockets Layer) connection to provide an https (secure) internet connection.
Organizations that store sensitive data, including banks, often do this. Most companies assume that implementing SSL is sufficient online security, however was recently disproved by Superfish. Superfish software easily hacked SSL connections in order to advertise to consumers with more targeted ads. Researchers looked into this and determined that the flaw affected sensitive domains at some banks and high-traffic sites like checkout.google.com.
The fact that these applications have bypassed banks' security demonstrates the ease of accessing their networks, devices and sensitive data. It's now necessary to implement more stringent end-point security and authentication measures in order to protect against a range of sophisticated technologies and clever hackers who can access organizations through multiple entry points.
Brad Deflin is President and Founder of Total Digital Security, a Managed Security as a Service provider that manages and mitigates all elements of cyber-risk for families, professionals and small to mid-sized businesses.
The biggest misconception that companies large and small have about endpoint security and protection is...
That it is expensive to buy and complicated to use.
For the last decade or so, our experience with endpoint security has not been good. A few market dominating incumbent providers held tremendous influence over the sales channels in the IT security industry, and, as a result, we saw very little innovation in the area of end-point security. The solutions were clunky to operate and less than effective, certainly in terms of the hostile online environment we live in today.
The mega-breaches of the past two years have resulted in pressure from consumers and government agencies for answers that work and are brought to market faster. Wall Street and Silicon Valley have obliged. Significant capital investment by VC's, cyber-related M&A transactions, and lofty stock multiples, are all indicative of customer and investor markets that are demanding increasingly effective and innovative products and solutions.
The new guard is leapfrogging the incumbents, empowered by a fresh slate, ambitious entrepreneurs, and new technologies. The result is a surge in new solutions that are disrupting the incumbents by utilizing cloud-enabled technologies, powerful software, and a SECaaS (Managed Cyber Security as a Service) business model. Now, very effective, easy-to-use solutions are available and affordable even to small businesses and professional practices, and just very recently, to individuals and families as well.
As Apple chief Tim Cook said in his keynote at the Summit on Cybersecurity and Consumer Protection, in Palo Alto, California a couple of weeks ago, We must get this right. Cyber risk is a big deal, and we must get this right on all levels including Federal and local governments, corporate, non-profit and individual.
Paul Paget is the CEO of Pwnie Express.
The biggest misconception companies have about endpoint security is...
Overlooking the importance of detection technology.
The threat landscape is evolving at a break-neck pace and the stakes have never been higher. As a result, organizations' historic focus on perimeter security solutions has shifted to analytics and monitoring tools that provide enhanced visibility and rapid incident response. But savvy CISOs/CSOs know that it's not a question of one or the other: an effective security strategy must encapsulate both traditional end-point security defenses and new, innovative ways to gain greater visibility into potential breach points.
Firewalls, antivirus and other defensive tools are still essential to mitigating risk, but no longer enough to stop today's increasingly sophisticated, stealthy attackers. To proactively combat endpoint security threats around wireless productivity tools, BYOD, and IoT devices, enterprises must also be proactive in detecting the presence of unknown, unauthorized, rogue and/or misconfigured devices in real-time so security teams can respond quickly and effectively.
Maxim Weinstein, CISSP, is a technologist and educator with a passion for information security. He works in product marketing at Sophos, where he specializes in endpoint security solutions. He is a board member and former executive director of StopBadware. Previously, he spent a decade in a variety of IT, technical education, and leadership roles.
The biggest misconception about endpoint security is...
That it's largely ineffective, because it's based primarily on signature-based detection.
This view has been reinforced by new entrants to the security industry that want to invalidate the incumbents and create demand for their newer offerings. It has also been supported by poorly done analyses that show, for example, that only x% of AV vendors detect a new piece of malware according to VirusTotal.
Tools like VirusTotal only demonstrate a fraction of the capabilities of most modern endpoint solutions, because they scan files in the absence of any context about how the file came to be on the computer in the first place. The best modern endpoint products use a variety of technologies to prevent visiting malicious websites, warning users about suspicious files at the point of download, detecting the tricks attackers use to deliver "drive-by downloads," and so on.
In reality, a high quality business endpoint security product, properly configured and kept up to date, will protect against the vast majority of malware. Companies are constantly innovating and adding new capabilities to make protection even better. In some cases, they're going beyond the traditional focus on endpoint as a standalone, preventive tool and exploring how technologies can work together (e.g., a firewall and endpoint security sharing information). This can lead to not just better prevention, but also the ability to detect and remediate threats that may have initially slipped through the defenses. And it's also key that data encryption become part of the story, as it provides an additional level of protection of the "crown jewels" of most companies (critical business, customer, or patient data).
Aaron Taylor is a Systems Engineer at Golden Tech.
The biggest misconception with Antivirus/Endpoint protection is...
Thinking that you are 100% safe when it's installed on your network.
There is still a necessity for training employees to recognize risks in their emails and the importance of not downloading or going to links from untrusted sources. You also need IT support to ensure your Antivirus solution stays up to date to protect from the newest threats.
Rich Silva is the Founder and President of Pain Point IT Solutions Inc., a Managed IT Services Company headquartered in Poughkeepsie, New York. After a 19 1/2 year run as a manager of a Network Engineering group and IT Support group for the same company, Rich took the leap of faith and started his own company with the goal to provide small and medium sized businesses without full-time IT personnel the tools they need to maintain their IT and telephony systems.
The biggest misconception companies have about endpoint security/protection tools is...
That they will spend the time to meticulously watch the centralized console that is reporting the status of their security.
We live in a "set it and forget it" world. The very advantage of having endpoint security is that all of your computer systems, whether connected to the internet, at the office, or at the local coffee shop, can be centrally managed and monitored from a cloud console. However, it is very important that companies recognize the human resources needed to monitor and take action when something is not working or updating as expected. Most companies do not consider this when moving to an endpoint security solution.
Michael Goldberg is the VP Corporate Marketing of Awareness Technologies Inc, also known as InterGuard. With over 13 years' experience in endpoint security software, Michael heads up the Corporate Sales and Marketing division of Awareness Technologies Inc., based in Westport, CT. Michael has been entirely focused on Employee Monitoring and Data Leakage/Theft prevention technologies since 2002, as a security software expert, taking revenues in excess of tens of millions of dollars through direct and indirect sales models. Having dedicated the past 13 years to working specifically with insider threat security software, Michael is considered to be one of the world's most experienced people working in our industry today.
I would have to say the biggest misconception that comes to mind would be that...
Companies often believe they only need to have endpoint protection on devices they think are vulnerable to threats.
While it is always important to know what you determine as most vulnerable, companies should be even more concerned about the unprotected devices they do not even have on their radar. Bottom line, if a device has Internet access or file transfer capabilities of any type, you should strongly consider protecting all of the endpoint devices, not some of them. Without endpoint protection on all devices, you are essentially playing Russian roulette with your confidential information.
Vitaly Milavsky is a Systems Engineer for Chelsea Technologies and has over 10 years of experience in the IT field. He attended New Jersey Institute of Technology where he majored in computer science with a concentration in network security. Vitaly describes information technology as both a hobby and passion, so he enjoys getting to do what he loves every day.
The most common misconception people have about endpoint security is...
That a single layer is enough protection.
An antivirus is not the end all be all to being secure. None of them are perfect, one will catch a virus and another won't. To have an effective model you need various layers on the endpoints, workstations, laptops, cell phones, etc, as well as on the server these devices talk to. And all the security practices are only as good as the IT staff that sets it up and at the end of the day the person if the weakest link. No matter how many layers, protocols and policies you have in place, if a user clicks on a malicious attachment in an email it can bring the entire business crashing down.
Philip L. Banks
Philip L. Banks is the President of Banks Technology Services. Founded in 2011, the company helps businesses use their technology more effectively by offering a wide range of services including basic break/fix, backup/disaster recovery, and cloud migrations to mobility solutions, employee on/off boarding, and improving business processes.
One of the biggest misconceptions in data and endpoint security today is...
That a good (and up to date) anti-virus program will keep you safe.
That is absolutely no longer the case. With new variants of Ransomware running amok, the anti-virus programs are not able to keep up with the constant changes. Anti-virus and malware protection is absolutely needed, but educating users to detect threats is the best way to keep your data safe.
Matt Satell is the Content Director of Better Buys, an online hub for news, insights, resources and reviews on Business Intelligence.
By far the biggest misconception about endpoint security protection tools is...
The fact that even if you have the best security tools in the world, you're only as strong as your weakest link.
This means that if you're employees aren't properly training on security and data protection, your company can be vulnerable to an attack. More and more hackers are targeting low-level employees with spear phishing. Unfortunately, these employees can unknowingly give a hacker access to a company's network.
Tim Singleton is the Founder of Strive Technology Consulting, a managed services provider offering IT support and technology guidance to businesses in the Boulder/Denver area.
The biggest misconception companies have about endpoint security/protection tools is...
That they will work.
It sounds cynical, but if you rely on a single tool to prevent an attack and the bad guys figure out how to defeat that single tool, you're vulnerable. In reality, most security tools out there work quite well, but it is an arms race between the hackers and the security companies. The good guys plug a hole, the bad guys find a new one, the good guys plug that one, ad infinitum. If you are relying on a single solution for a security problem, you are vulnerable.
Think of digital security as a blanket on a cold night. If you are still cold, you don't think the blanket is broken. You realize it won't catch 100% of your heat, so you put another blanket on top. Get one antivirus program on your computers, one antimalware program to back it up, and another system to scan traffic as it enters your network. Put a firewall on your network perimeter and enable the firewall on your computer. As long as the layers aren't interfering with each other or causing performance problems, layer on security so you have multiple solutions protecting you at a time.