The future workforce will be dominated by one characteristic: flexibility. According to a new paper from Moor Insights & Strategy, 80 percent of organizations will offer “hybrid” options for their staff post-pandemic. This raises serious questions about security strategy and the ability to identify visibility gaps and manage risk effectively at the endpoint.
Fundamentally, you can’t protect what you can’t see. CISOs wanting to take a best practice approach to endpoint security must begin with comprehensive and continuous asset discovery and inventory.
A new era of flexible working
The work-from-home (WFH) era arrived with alarming rapidity. The truth is that many employees have adapted to the benefits that flexible home working offers. The challenge for CISOs is to identify and understand the security status of all distributed endpoints, including whether they are correctly configured and free of vulnerability or privilege access issues. According to Moor Insights & Strategy, there has been a 250% increase in cybercrime targeting WFH employees since the start of the pandemic, predominantly driven by phishing and malicious botnets.
This puts home workers’ devices on the frontline against cyber-attacks, which means that continuous monitoring of all IT assets is a key requirement of any security program. However, the report identifies multiple examples of poor practice. Concerning statistics include:
- 75% of firewalls are misconfigured, due to BYOD policies and executive requests for special access
- 80% of endpoint devices have little or no protection, with 35% of these using default or weak passwords
- Over 60% of WFH staff use their work passwords to register for online accounts and services, exposing them to data security and privacy risks
The importance of asset discovery and inventory
A serious security breach could not only lead to unwanted publicity with headline financial losses and reputational damage but also impact the workforce. The report states that compromised employees typically experience a 45% decline in productivity. The answer is to implement best practices across people, processes, and technology, beginning with improved cyber hygiene for all employees.
While this approach can help eliminate some security gaps, the real work starts with SecOps teams gaining visibility into their distributed endpoint environment. Today, 94 percent of IT decision makers discover unidentified endpoints on a weekly or daily basis. According to the report, asset discovery and inventory is the first stage in enhancing cybersecurity posture, integrity, and data flow. Without it, organizations will be exposed to even basic attacks that exploit unpatched vulnerabilities using lateral movement techniques.
The report outlines a four-point plan for securing the distributed workforce, beginning with asset discovery and inventory:
1) Understand what you have in your environment
This means investing in a single platform, offering a single source of truth for discovering and recording unmanaged assets. These could range from cloud and on-premises servers to workstations, laptops, VMs, and containers.
2) Patch proactively to reduce the attack surface
Nearly 60% of CISOs don’t know which systems have been patched and which need to be patched, according to the report. Once you’ve gained visibility into your endpoints with asset discovery and inventory, make sure they are up to date with the latest fixes.
3) Protect customers’ data and privacy
Use the same platform to manage data risk and privacy. Understand where sensitive information resides across your assets and where endpoints must be remediated in real time, in the context of relevant regulatory frameworks.
4) React with agility and speed post-compromise
As good as your security posture is, threat actors have the advantage of surprise. If the worst-case scenario happens, ensure you respond rapidly before they have time to make a serious impact on the organization. This comes down to well-rehearsed incident response plans, but also to having the right tools for comprehensive visibility and control and for taking action at speed and scale.
In summary, traditional asset discovery and inventory tools make it unnecessarily difficult to create and maintain a comprehensive and accurate inventory of the endpoint environment in real time. By maintaining consistent visibility into managed and unmanaged devices, integrated platform solutions provide a current, accurate inventory of hardware and software assets across your environment. Now is the time to bring greater intelligence to your endpoints wherever they exist.
Tanium’s unique architecture enables organizations to manage and secure endpoints at speed and scale, through capabilities including Patch Management, Asset Discovery and Inventory, Data Risk and Privacy and much more.