Security

Improving Endpoint Security in the New Normal

Endpoint security needs have changed, but being ruthlessly practical can help enhance your multilayered security strategy.

Evan Doty

Evan Doty is a senior field solution architect at CDW focused on hybrid cloud and Microsoft Azure. His areas of expertise include LAN and WAN network design and implementation, Windows system administration, project management, call center management and deployment, and IT vendor management.

Not so long ago, endpoint security was about protecting the perimeter of a centralized location and preventing data from escaping. Like the X on a treasure map, the endpoint was a clear, fixed point. It was controlled, and organizational security protected it accordingly. Thanks in part to the pandemic, however, this all has changed.

With employees working at their respective home offices, on the road and in the physical office, the endpoint has become rather uncontrolled. Federal agencies need to find ways to ensure their data is protected, regardless of where the data is at any given moment. To do so, many agencies are issuing burner laptops, phones and other devices to their traveling workers, especially when those workers have been using personal devices for work.

There are other ways to evolve your agency’s endpoint security amid the new normal. By adopting some of these best practices, your endpoint security can provide another layer of protection for intellectual property, secrets and other information.

Click the banner below to get access to customized content by becoming an Insider.

Endpoint Security Requires Ruthless Practicality

Building a multilayered security strategy is about being ruthlessly practical. Determine what will have the highest impact at a sensible cost and what will have the lowest time to delivery, then execute on that. The resulting security implementations will vary on an agency-by-agency basis, but this mindset will help IT teams maximize resources, financial and otherwise.

There are certain security measures that generally hit this mark at every organization.

EXPLORE: How endpoint detection and response is protecting agencies against cyberattacks.

First and foremost is anti-virus software. Though not new, anti-virus software continues to be a valuable component to endpoint security. Anti-virus software successfully puts out a lot of fires before they become noticeable. It is both inexpensive and fast to deploy, making it a staple defensive measure that should be a part of all endpoint security.

Zero-trust security is a close second when prioritizing ruthlessly practical measures. This security model can include multifactor authentication and other enhanced identity governance, microsegmentation, device agents, device application sandboxing, and more. Why? Zero-trust network architecture boils down to a simple philosophy: Don’t trust anyone or anything. This doesn’t just go for external parties; internal personnel also are not to be trusted.

The People Aspect of Endpoint Security

The user is part of the endpoint, and despite the fact that most data breaches depend on social engineering, the user is often forgotten. While technical controls are 50 percent of the endpoint security story, people are that other 50 percent.

It’s important to strike a balance between the technical control aspect of endpoint security and the people aspect. If you make something too secure, people won’t cooperate. Consider having to go through multiple multifactor authentication measures to log in to a company device. Many employees may instead choose to work on their personal devices and log in to company devices only as necessary.

LEARN ABOUT: How agencies can better navigate zero-trust.

While having subpar enhanced identity governance might be simpler for employees, it puts employees and entire organizations at risk. The recent Microsoft breach is a prime example of this. In a company post, Microsoft reveals that the group LAPSUS$ would often target and compromise Microsoft employees’ personal accounts, using this as a springboard to search for additional credentials that could be used to access the organization’s system.

Endpoint security isn’t solely about technical controls. By navigating with a ruthlessly practical mindset, both the technical and interpersonal aspects can be brought into balance, ensuring greater endpoint security for the new normal.

This article is part of FedTech’s CapITal blog series. Please join the discussion on Twitter by using the #FedIT hashtag.