Your employees are remote, are your endpoints protected?
In recent years, many businesses had already begun planning for a gradual shift towards an increasingly remote workforce, yet fewer had implemented a mobile-first strategy, and some were still formulating strategies. At a gradual pace, IT administrators could handle a small percentage of remote workers and saw the management features of device enrollment programs and network security measures as enough to manage a few remote devices and cyber risks.
Enter the new reality of 2020 and a sudden, unplanned thrust towards an almost entirely remote workforce: many businesses have been scrambling to mobilize; employees are using personal devices to stay connected to work; and IT administrators are straining to keep up with the huge influx of managing and protecting devices.
Whereas at the start of 2020, manual device management processes and little, if any, mobile security may have been good enough, the almost-instant change in circumstances makes manual device management cumbersome and a lack of robust mobile security controls leaves businesses exposed to cyber risk. Now more than ever, businesses must move quickly to assess and adapt for resiliency across their entire ecosystem, especially their remote and mobile workforces. Unified endpoint security should be one of the top priorities.
Hearing the term “endpoint,” one primarily thinks of a laptop or desktop. However, endpoints are really anything connected to the company network or the internet. This includes mobile phones, smartphones, tablets, servers, and even specialized hardware such as Point of Sale (POS) systems and other Internet of Things devices. And in this current environment, it also means corporate-owned and bring your own devices (BYOD) as well as various operating systems. Ultimately, this suggests that “endpoint security” encompasses many unique variables that need to be managed.
Implementing an industry-leading Unified Endpoint Management (UEM) solution is paramount given these circumstances. UEMs onboard, deploy, configure, and enroll devices so that the workforce can get up and running quickly. They help devices stay compliant with industry- and company-mandated regulations. UEMs today are also able to do advanced IT management actions like view or remote in on a device as if they had the device in their hand to help troubleshoot issues. All key capabilities when the IT manager can’t be in the same room as the device.
UEM describes only the management aspects of unified endpoint security. Businesses must also consider the security elements needed to protect endpoints from advanced cyber threats. Endpoints have a huge target on them for cyber criminals with 70% of breaches originating on the endpoint. Cyber criminals recognize that endpoints are an effective way to launch an attack. Recent mobile device testing revealed up to 25% of employees are fooled into clicking phishing links. Although businesses recognized endpoint security as a critical layer to the security ecosystem, given the current circumstances, it needs to be addressed urgently.
With a mobile-first strategy in mind, it is imperative that businesses not only consider a UEM but also enable a Mobile Threat Defense (MTD) solution to help protect against mobile threats. Businesses should look for a solution that protects against key threat vectors of device, network, and application. One of the biggest threats to mobile devices is phishing, and MTD solutions are designed to protect a device from phishing regardless of how the phishing attempt comes in (SMS or “smishing”, messaging apps, social media apps, websites, email, etc.) A MTD will help keep a pulse on what’s going on in the endpoint environment and potential security threats.
In addition to detecting threats, businesses must be able to take immediate action on that device if a breach or compliance issue arises to keep company data protected. Therefore, a properly executed MTD solution is also fully integrated into a business’s UEM solution. To emphasize the importance of a UEM + MTD solution, here are a couple of examples:
- If an employee has a jailbroken or rooted device and is trying to access your Office 365 application, by combining the power of MTD with UEM, the company could deny this access until the device was brought back into compliance.
- If a user accidentally clicks on a malicious link that installs malware on a company-owned smartphone, policies could automatically delete the company applications until the malware was removed and then automatically reinstall once remediated. All automated and virtually seamless for IT administrators and the end users.
The combination of UEM and MTD into a unified endpoint security solution can help you to quickly realize the full benefits of a mobile-first strategy and can help you to protect your remote workers during this critical time and into the future on your journey to cyber resiliency.