Monday, April 2, 2018
As the cloud takes center stage in cybersecurity discussions, we can’t forget the importance of protecting organizations on the endpoint side. The Internet of Things (IoT) has created an entire host of devices that could possibly be compromised, and protections should be in place to make sure these devices are secure.
Maintaining endpoint security means four things:
- Using central endpoint solutions
- Carefully selecting efficient programs
- Automating processes
- Using intelligent tools to learn from the past
Being able to stop threats on endpoint devices is extremely important as a secondary line of defense after cloud protection and firewalls. One of the easiest things organizations can do to save time and effort is to install a central endpoint solution rather than performing individual installations on each device. Centralizing the protections makes it easier to diagnose and quickly solve problems. Giving your team quick access to all the devices will make their job much easier. Also, with a whole host of products available, companies should put the practice of updating each device individually behind them.
Productivity should not have to be sacrificed for security, because the two do not have to be mutually exclusive. There are many tools that hinder individual users' ability to get their work done in the name of “security.” Sometimes it's easy to think that because endpoint protections are cumbersome or limiting, they are doing a good job. On the contrary, users should shop around among multiple products to find the protections that least limit the users while still providing security on all devices.
Another crucial factor is finding ways to automate the processes and decision making behind every device. Automation will help experts spend more time thinking ahead of the curve and less time playing catch-up to the latest threats. Automation can be used to streamline processes and also to install updates and patches quickly and efficiently on all devices managed through a central solution.
Learning from incidents is extremely valuable as well. Problems will arise at some point; otherwise, the cybersecurity measures wouldn’t be necessary in the first place. Investigating each incident and sharing the information in an easy-to-understand way with all parties within the organization means that there is depth of knowledge about problems and scenarios that extends outside the IT department.
Recently, Palo Alto Networks released version 5.0 of its Traps product for endpoint protection. Through intelligence monitoring on the cloud, this system is designed to instantly detect threats to be analyzed, along with the appropriate data.
Fuel Member Phil De Meyer said about the release, “Seeing Traps moving to leverage a more dynamic source of protection data means that you will see more emphasis placed on traffic and techniques that are presently being seen across numerous networks. This only adds to the value that this additional data can provide to not only Wildfire endpoints and NGFW, but also getting logging as well. Plus, Traps on Linux is great; it is always good to see more protection for Linux services.”
Fuel Member Paul Carter added, “With the Traps solution being in the cloud, support, upgrades, high availability and interaction with the Palo Alto Networks cloud services (Wildfire, etc.) can more easily be facilitated.”
It will be interesting to see the ways in which this product helps address the four points of maintaining endpoint security. If anything, it is good to see that endpoint security continues to be front and center on the minds of our members and the broader cybersecurity community in general.