Security+ Web Version 2016 | Page 5

to application control is much more effective, beginning with a local list of approved software applications, alongside a trust engine that lets IT define criteria for trusted applications.
For example, IT can specify trusted publishers, updaters, paths or locations. It also lets them maintain a blacklist of denied applications that for security, productivity or even bandwidth usage reasons users are unable to introduce into your environment. This means even if software that isn’t explicitly on an organisation’s whitelist does end up on its machines, it simply won’t run. Combine this with regular and consistent patch management and CIOs can rest assured that their organisation is protected against all software vulnerabilities that are already known to the major software vendors such as Google, Apple and Microsoft.
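The decision flow described above (approved list, trust criteria, blacklist, and default deny for everything else) can be sketched as follows. This is an added example, not code from the article or from any vendor's product; the class and field names, the sample values and the order in which rules are checked are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from pathlib import PureWindowsPath
from typing import Optional

@dataclass
class Policy:
    approved_hashes: set = field(default_factory=set)     # local list of approved applications
    trusted_publishers: set = field(default_factory=set)  # verified code-signing publishers
    trusted_updaters: set = field(default_factory=set)    # processes allowed to install software
    trusted_paths: tuple = ()                             # locations IT controls
    denied_names: set = field(default_factory=set)        # blacklist of denied applications

@dataclass
class ExecRequest:
    path: str
    sha256: str
    publisher: Optional[str]   # None when the file is unsigned
    installed_by: str          # process that wrote the file to disk

def decide(policy: Policy, req: ExecRequest):
    """Return (allowed, reason). Assumed order: deny list, trust rules, default deny."""
    exe = PureWindowsPath(req.path)
    if exe.name.lower() in policy.denied_names:
        return False, "denied application"
    if req.sha256 in policy.approved_hashes:
        return True, "approved list"
    if req.publisher in policy.trusted_publishers:
        return True, "trusted publisher"
    if req.installed_by.lower() in policy.trusted_updaters:
        return True, "trusted updater"
    if any(exe.is_relative_to(p) for p in policy.trusted_paths):
        return True, "trusted path"
    return False, "not on whitelist"

# Constructed sample policy and requests (all values are made up for illustration).
POLICY = Policy(
    approved_hashes={"a" * 64},
    trusted_publishers={"Example Software Ltd"},
    trusted_updaters={"corp-patch-agent.exe"},
    trusted_paths=(r"C:\Program Files\CorpApps",),
    denied_names={"torrentclient.exe"},
)
SAMPLES = [
    ExecRequest(r"C:\Tools\editor.exe", "a" * 64, None, "explorer.exe"),
    ExecRequest(r"C:\Users\amy\Downloads\invoice.exe", "b" * 64, None, "browser.exe"),
    ExecRequest(r"C:\Apps\torrentclient.exe", "c" * 64, "Example Software Ltd", "browser.exe"),
    ExecRequest(r"c:\program files\corpapps\hr\tool.exe", "d" * 64, None, "msiexec.exe"),
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(r.path, decide(POLICY, r))
```

The second sample shows the default-deny outcome the paragraph describes: an unsigned file that reached the machine but matches no trust rule does not run, while the third shows the blacklist overriding an otherwise trusted publisher.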
These routine steps of introducing application control and regularly patching all trusted programmes can eliminate 99% of the IT security risks to the organisation. However, user education, antivirus, device control and configuration management all have a role to play in providing a well-rounded and robust defence of IT networks. Realistically, no organisation will ever get to 100% secure, but this approach prevents the final one percent being a catastrophic gap.
Ransomware has been dubbed the fastest growing ‘industry’ in IT security, affecting big and small businesses alike, in every industry. Crypto-ransomware, in particular, is an insidious and rapidly emerging technique which uses strong cryptography to encrypt all data stored locally and directly attached to a server or workstation, holding it hostage until the ransom payment is made.
Unlike more targeted attacks or malware with espionage-related goals, ransomware is opportunistic and generally not targeted at any specific individual or organisation. Typically delivered via phishing emails, drive-by downloads, or malvertising, it makes anyone with an email address or a web browser a potential victim.
Patch management remains one of the most effective means of thwarting attacks, including crypto-ransomware. Essentially, patching reduces the known software or network vulnerabilities to minimise the exploitable areas attractive to cyber criminals. To protect against crypto-ransomware in particular, patching operating systems, Microsoft Office, Adobe applications, web browsers and browser plug-ins is important. To that end, centralised patch management is key. Without a centralised solution, businesses are left to rely on multiple individual updates from every software vendor, which becomes impossible to manage. Additionally, devices and network performance can become degraded, and if users are turning off auto-updates, a business’ exposure to risk becomes far greater.
A key step towards coping with increasing security risks is ensuring that the business is equipped to communicate, manage and resolve incidents with utmost efficiency. This can only come by achieving harmony between security and service desk teams. The benefits of better collaboration between these teams are perhaps nowhere more keenly felt than in terms of BYOD. By 2018, Gartner predicts that 40% of contact with the IT service desk will be related to smartphones and tablet devices, an increase from less than 20% in 2015. Threats like ransomware, which are increasingly targeting mobile devices, will drive this increase and, as companies introduce BYOD strategies, they need to ensure that these personal devices are secure to access the network; in doing so, bringing the service desk and security together is essential. At the most basic level, you can’t properly manage devices without accounting for security and you can’t secure them without managing them.
IT security and service desk collaboration is just as important for company-wide policies as it is for each individual device. For instance, the process of introducing cloud apps like Dropbox at a company-wide level will have a profound impact on the service desk and IT security team alike. The service desk will need to implement new processes and will need to expect a spike in support requests before, during and after migration as employees acclimatise to new processes. Likewise, IT security needs to get used to the idea of confidential files being stored in the cloud and not on premise, while ensuring the same level of security.
“The biggest (endpoint risk) identified in this year’s research is the negligent or careless employee with multiple mobile devices using commercial cloud apps and working outside the office”
2015 State of the Endpoint Report: User-Centric Risk, The Ponemon Institute
“The status quo is no longer fully effective for endpoint security. Application control, when used as part of a multilayered approach to endpoint security, shows great promise in the enterprise battle against sophisticated malware and unwanted applications.”
Derek Brink, Vice President and Research Fellow for IT Security, Aberdeen Group
The security threat landscape is complex, multi-faceted and ever evolving. However, IT and security teams can prevent, detect and respond given access to the right technologies and toolsets. This is the CIO’s responsibility as much as anyone in the business, and the time to take action is now. It is a question of when, not if, businesses are subject to attack. Therefore, creating rules and a layered approach to security before an attack is any organisation’s best chance of staying secure.
Learn more about key endpoint strategies with HEAT Software at www.securityplusonline.co.uk/HEAT