


Wednesday, Oct 23rd

Endpoint security is not dead


Endpoint security software, AV in particular, is getting a bad reputation for being an ineffective security measure. Advanced attacks, increasingly sophisticated threats, and trends such as cloud, mobility and the Internet of Things are changing the security game and upsetting the balance.

Simon Campbell-Young, CEO of Phoenix Distribution, says in the past, endpoint protection was considered a cure-all. Each machine in the business had endpoint security installed, which regularly updated signatures, patched as necessary, scanned regularly, and users were good to go. "The usual array of threats, viruses, worms, spyware and adware were no longer a worry."

However, the landscape changed when far deadlier threats emerged. "Threats like Stuxnet, which first showed how malware can be weaponised, changed the game. Alongside this, the cyber underworld started to organise itself more effectively, developing stealthier malware, more advanced evasion techniques and zero-day attacks. To counter this, the security community brought out more sophisticated counter measures such as sandboxing, cloud intelligence, file reputation services and dynamic payload analysis," Campbell-Young explains.

He says this heralded a significant shift in the security game, as security vendors frantically began playing 'catch up' with threat actors. "Too often, those that were tasked with protecting their businesses from these new threats were not au fait with more advanced threat techniques, and continued to rely too heavily on traditional endpoint protection."

Unfortunately, this is still the case today at many companies. "The IT department slaps endpoint security on all machines, too often in some minimal configuration, and lets it tick over, updating signatures, running scans and so on. This results in the organisation suffering a breach, and the blame being laid at the product's door."

Campbell-Young says this mindset needs to change. "Technical departments must take proper control of endpoint security and train staff properly on installing, configuring and provisioning it, as a part of the whole security strategy, not as a stand-alone solution. A proper understanding of what the endpoint security requirements are must be reached, and a plan written to tweak endpoint security to the businesses' needs to mitigate risk, and protect the various endpoint devices."

At the end of the day, he says a company's users pose the biggest risk to its security. They have access to the most sensitive data, and too often turn a blind eye to security policies, engaging in risky behaviours that they know they shouldn't. They will unthinkingly plug all manner of devices into the corporate network, and download applications without considering the security implications.

"All this sensitive data on your users' endpoints is being targeted by cyber criminals, who will exploit these endpoints to gain a foothold into the company. This adds up to a huge challenge for the technical department, and the only way to address it is to ensure that good endpoint security is in place."
