Endpoints often refer to devices such as computers, laptops, smartphones, tablets, servers and any other device that can connect to a network. The rise of remote work and IoT have only increased the number of endpoint devices, which makes endpoint security even more of a crucial aspect of IT security. These devices need to be protected from various cyber threats, such as malware, viruses and unauthorized access.
IT teams must implement security measures and solutions to safeguard the data and resources accessed and stored on these endpoints. Solutions often included antivirus software, firewalls and intrusion detection/prevention systems. The main question is, are these solutions working? Are they enough?
Well, 61% of CISOs and 53% of CEOs unfortunately believe that their organization is unprepared to cope with a targeted cyberattack in the next 12 months, according to Verizon Business’ 2023 Mobile Security Index report. (Though managing endpoints is a complex task, so it makes sense that many feel unprepared.)
As stated previously, bring-your-own-device policies due to a hybrid/remote workforce only adds to the complexity, and some of this complexity comes down to the Wi-Fi endpoint users are connected to.
According to the report, 71% of users don't change the default password on their home Wi-Fi, and nearly a third don't password-protect their home Wi-Fi at all. Using a unique, personalized credential adds an extra layer of protection, limiting access to those aware of the new password. This practice safeguards personal information, reducing the risk of data compromise.
Also, regular password changes promote good security hygiene, encouraging users to explore settings, check for updates, and avoid predictability. It prevents network abuse, minimizing legal consequences for potential malicious activities traced back to the connection, and it ensures Wi-Fi network isolation, which prevents unauthorized access from neighbors or nearby individuals.
Being remote also means endpoint users don’t have to stay home, unless company policy says so. And many endpoint users don’t stay home at all times. The report found that 90% of remote workers access corporate resources from locations other than their home with the average being five different locations. This could be to coffee shop down the road, the library or even the airport when traveling.
Accessing corporate resources on public Wi-Fi exposes users to various security risks, including the potential for Man-in-the-Middle attacks, unencrypted connections, rogue hotspots, network sniffing, endpoint vulnerabilities, session hijacking, device exposure and DNS spoofing.
Managing the location of endpoints and the networks they are on is enough to give one a headache, right? It doesn’t get any easier, unfortunately.
Generative AI, something many business have used to their advantages, is proving to be a cybersecurity challenge. Attackers are exploiting this technology to make phishing attacks even more effective. Just a sample of someone’s voice is enough to create a believable impersonation of their voice. That online video interview with the CEO could easily be turned into a convincing voicemail instructing an employee to change the payment details of a large supplier or reset credentials to an important system.
“A lack of understanding of the potential consequences combined with the blurring of boundaries between home and work make a dangerous combination,” said Mike Caralis, Vice President of Business Markets at Verizon Business. “Cybercrime is getting more sophisticated by the years, and it doesn’t always come in the form that you’d expect.”
One way IT teams are better protecting endpoint users is by implementing a zero-trust approach. It enhances company security by automating user access and detecting threats. This improves user experience, avoids onerous authentication, prevents unintentional blocks and ensures no unauthorized access to sensitive data.
The model fosters employee flexibility, focusing on verification for a better experience and agility in the threat landscape—integral to the SASE framework.
Edited by
Alex Passett
