Questions IT professionals need to answer
We all know IT professionals move too frequently between fires. The demands of overly complex infrastructure, continual threats and time-strapped IT Security teams mean leaders must go to where the smoke is, only occasionally stopping to ask themselves “Am I making any progress?” To begin to answer this question, you must start with another question…five of them, in fact. Regardless of the size of the environment, geography, industry, every IT professional should be able to answer these simple questions about their environments to ensure they can secure it properly.
- How many endpoints are on my network, both managed and unmanaged?
- How many authorized and unauthorized software versions do I have installed across my network?
- Are all of my endpoints configured according to best practices and compliant with industry baselines and standards?
- How are we continuously assessing and remediating security vulnerabilities?
- Who has administrative access to my endpoints and do they need that level of access?
These questions aren’t new. They are the top five controls according to the SANS CIS Critical Security Controls list. And if you don’t know the answers to these questions, then you likely have to undergo costly compromise assessments and may already be hacked. But you’re definitely not alone.
Based on a recent report from NASDAQ and Tanium, only 2% of executives from highly vulnerable companies feel confident that they are tracking all their devices and users on their systems at all times. From the same report, only 9% of the same companies’ board members said that their systems were regularly updated in response to new cyberthreats. Companies are paying the price: Gartner estimates that an unmanaged PC costs a company over $310 per year in unnecessary support calls and lost productivity. For a large organization, the impact is in the millions of dollars. Every CIO wants to spend those dollars differently.
For example, If you’re not sure if you actually have 5,000 or 8,000 instances of Java running, or if you’re unsure of how many versions of Adobe Flash are deployed across your enterprise, do you truly know what your attack surface looks like? What’s your risk exposure if you’ve got an IT shop of 50 people and you’ve got thousands of users with Local or Domain Administrator privileges? Lastly, how quickly could you minimize that attack surface and mitigate the risk across your enterprise? Mitigating cybersecurity threats requires a multi-faceted approach. Organizations that can answer these basic questions position themselves for success.
You can’t secure what you don’t know
Most existing approaches to answering these questions cobble together data from multiple tools, none of which can be viewed as a source of timely, accurate information. These tools don’t scale, provide answers quickly enough, or effectively gather data from the endpoints that they don’t know about. Triangulating to get these range-based answers erodes confidence that you actually know the real answer and sets organizations up to fail their next compliance audit.
What happens if we as IT professionals cannot answer these questions? It’s simple. We get had. The Verizon DBIR report has shown us the time to infect is decreasing while the time to detect is increasing. Progressive and fast moving organizations need to know where they’re infected in seconds or minutes, not in days or weeks. To help resolve many of the security vulnerabilities that exist in our environments, we need to address the basic level of endpoint hygiene as quickly as possible and as often as needed. Then take what we learned about the hygiene of our environments and embody that to increase our security posture.
It’s time for IT professionals to have confidence in answering these questions with precision and confidence. Learn how Tanium can help you with security hygiene in this solution brief.
About the Author: Jennifer Ellard leads Tanium’s security product marketing and go-to-market efforts. Jennifer joined Tanium in 2016 and her focus is on developing content, driving pipeline, working with security partners and enabling sales teams. Previously, Ms. Ellard was at Hewlett-Packard and Symantec leading product marketing and partner marketing teams. Jennifer’s education includes a Bachelor’s degree in Marketing from University of Alabama in Huntsville and Masters in Business Administration from Santa Clara University.