THE STATE OF ENDPOINT PROTECTION & MANAGEMENT WHY SELF-HEALING IS THE NEW MANDATE

ENTERPRISE WHITEPAPER

100% VISIBILITY OF ENDPOINT STATUS IS SURPRISINGLY (AND UNACCEPTABLY) SELDOM ATTAINABLE, WITH THE AVERAGE TYPICALLY FALLING IN THE 80-90% RANGE. [1]

Devices with sensitive data may get lost or stolen, and the very endpoint agents that are critical for seeing and controlling the devices become broken. Employees also go off the corporate network for long stretches of time without the latest patches, updates and security files, thus leaving them exposed to advanced threats. Critical software agents are also lost when firmware is flashed, the device is re-imaged, the hard drive is replaced, or the OS is reinstalled. All of these scenarios create dark endpoints, which fracture visibility and open up unacceptable vulnerabilities to insider threats, malicious attacks or other risks affecting business operations.

Dr. Larry Ponemon, chairman of the Ponemon Institute, quantifies the dark endpoint situation by noting that 67 percent of enterprises are unable to detect employee use of insecure mobile devices [2]. Despite best efforts to patch these applications, if the security agent is not active on the endpoint, organizations have zero visibility and control of the application. And that's a problem for both Security and IT Operations.

This white paper delivers the first ever released statistics from the unique vantage point that Absolute has as the only infrastructure company that device manufacturers around the world use for embedded persistence technology in the firmware of desktops, laptops, tablets and smartphones. The white paper aims to answer some of the top questions Security and IT Operations executives face:

- How do you know if all devices are 100% compliant with IT and Security policies when they go off the network or critical security agents are missing?
- What do you do if the mission-critical endpoint applications you've invested in are removed or corrupted?

This white paper will examine and debunk prevailing myths on the state of endpoint protection and asset management as it relates to visibility and control. We also propose a novel solution to these challenges with Absolute's Application Persistence capability, which delivers uncompromised visibility and real-time remediation.

ATTACKING JUST THE SYMPTOMS CREATES MORE PROBLEMS

For many organizations, internal IT teams must constantly patch, fix, update and perform tedious tasks, as most remediation today is still performed manually. On average, as an IS Decisions survey [3] found, most organizations spend three or more hours per compromised host on incident response. IT and Security teams need a better way to ensure and strengthen the presence, health and value of endpoint security and management controls. Overall, these teams need to improve:

- Management and total visibility of endpoint assets at all times, anywhere
- The response time for remediation when a device with sensitive data goes dark
- Automation so uncontrolled devices do not require staff intervention

How can you secure what you can't see?

Most organizations invest heavily in security and asset management infrastructure to address these needs. As powerful as these solutions are, understaffed and overworked security teams still scramble to investigate and respond to incidents and vulnerabilities. Let's look at some of the common misconceptions that keep staff battling symptoms rather than the root cause of security risks.

TOP 5 ENDPOINT PROTECTION MYTHS DEBUNKED

Myth #1: We have over 95% of endpoints compliant with required applications, all patched with the latest version.
Fact: Based on Absolute's base of thousands of endpoints under management, research shows that the majority of organizations have only 80-85% of their endpoint devices actually running critical applications. This figure implies there is a greater risk of breach and non-compliance, as well as potential impact on productivity and an organization's reputation. It also means that organizations that have spent substantial dollars and resources on deploying state-of-the-art security and asset management software are not getting the full return on their dollars, since well less than 100% of endpoints are running critical applications.

Myth #2: All of our endpoints are already encrypted and data is protected, so we don't need to worry.
Fact: The reality is that only 80-85% of endpoints are actively running the encryption software that their organization invested in to boost their security posture. That 15-20% gap represents unacceptable risks for nearly all organizations, but is especially intolerable for financial and healthcare organizations, where sensitive information (personal, financial, medical records) is vital to protect.

Myth #3: Eventually, all of our devices will get updated when they're back on the network.
Fact: The truth is that most organizations have a substantial population of devices (as high as 20%) that are off the network and may not receive the latest patches, updates and security files for weeks or months, leaving them vulnerable. This highlights the need for automated self-healing so that endpoints are in compliance at all times, whether or not they are on the corporate network. How is that possible? Clearly the solution must be resident in the device firmware itself so it activates automatically when it detects the absence of critical application software running and can re-install it even if off network. In other words, the endpoint application must persist, or remain present, no matter what happens to the device.

Myth #4: 100% of our endpoints are reporting in for security, IT asset management and compliance tracking.
Fact: Absolute has found that typically more than 5% of endpoints are simply NOT reporting in because the required software agents are not running on the endpoint. This is the fractured visibility that causes the core issue: you can't secure or manage what you can't see. The dark or missing endpoints not only represent a security threat but also reduce the ROI on your infrastructure spending, because mission-critical applications are not fully deployed on each and every endpoint and actively running non-stop. Dark endpoints may also be devices that have long since been retired or decommissioned and should no longer count toward your software license count or compliance reporting.

Absolute has found that as many as 10% of endpoints do not contain the required encryption solutions, often caused by devices that are off network, re-imaged, lost/stolen, or simply NOT managed. The necessary remediation impacts end users and burns up IT helpdesk resources, which has significant financial costs, not to mention the regulatory penalties and reputational damage should a data breach occur.

Myth #5: Data breaches are caused by outside attackers, so that's what we need to protect against.
Fact: Insiders (malicious or unintentional users) are becoming the fastest growing source of threats, according to Symantec [4]. Employees are often putting sensitive data at risk by not updating security endpoints, downloading data to personal devices, removing security agents, etc. Insider threats and malicious intent are also obvious factors that can contribute to data breaches. According to an IS Decisions study, 35% of organizations in the US and UK with over 10,000 employees have suffered an internal security breach in the past 12 months. [5]

Clearly, these compromised endpoint agent controls create fractured visibility that must be corrected immediately. Unfortunately, it takes a considerable amount of manual IT effort, which often disrupts end users, to get those machines back in compliance and hardened against the risk of insider threats. There are tools available today that can help, and chances are that you have already invested extensively in such infrastructure. However, the challenge is that they require the device to be connected to the network and all the endpoint controls to be present and healthy. What's needed to protect against insider threats is a solution that automatically remediates the endpoint regardless of whether it is on or off the network.

RECOMMENDATIONS FOR AUGMENTING ENDPOINT PROTECTION AND MANAGEMENT

Organizations must move from the current IT labor-intensive and largely reactive measures to more proactive and automated self-healing. IT Operations and Security teams are already burdened with investigating incidents, remediating risks, and tracking down devices that have gone dark. To protect your organization, you need to fill in the visibility gaps and build upon your existing endpoint protection.

Absolute recommends the following best practices:

1. IDENTIFY THE SHORT LIST OF ABSOLUTELY CRITICAL SOFTWARE THAT MUST ALWAYS, ALWAYS RUN ON EVERY ENDPOINT NO MATTER WHAT HAPPENS TO THE DEVICE.
2. LOOK FOR A SOLUTION THAT ENSURES 100% OF YOUR ENDPOINT SOFTWARE AGENTS ARE RUNNING EFFECTIVELY REGARDLESS OF NETWORK STATUS.
3. DEMAND SELF-HEALING CAPABILITIES OF YOUR ENDPOINT SECURITY AND MANAGEMENT VENDORS.
4. USE TECHNOLOGY TO AUTOMATE AND REDUCE END-USER DISRUPTION AND SUPPORT RESOURCES TO ACHIEVE COMPLIANCE.

It's not about replacing all your endpoint security measures but rather building a more resilient security stack that promotes automatic, real-time self-healing remediation. Absolute brings to the enterprise resilient technology that has already been embedded in the firmware of leading device manufacturers for over a decade. Application Persistence, powered by patented technology embedded in over 1 billion devices globally, helps augment existing infrastructure for additional layers of security. With Application Persistence, organizations are always aware of the presence, health and compliance of endpoint controls.

Application Persistence benefits include the ability to:

- Ensure Application Resiliency: Absolute provides the exclusive ability to see and control devices, applications and data both on and off the network to ensure critical endpoint applications are always available and effective.
- Automatically Repair Breaches: An attempt to disable an endpoint control triggers an automatic reinstall and repair of the agent to maintain compliance in an increasingly persistent threat environment.
- Proactively Minimize Risks: Security pros can now keep critical applications on devices, minimizing security risks and reducing vulnerabilities. With no IT intervention, agents can be restored across all endpoints.
- Ensure Compliance: With automated control remediation, IT can easily maintain correct application versions to meet compliance requirements.
- Deploy Instantly: Absolute's core technology is already embedded in more than one billion popular PCs, laptops and other mobile devices, so customers only need to activate via a cloud-based platform for fast results.

ORGANIZATIONS UNDER PERSISTENT ATTACK NEED PERSISTENT SELF-HEALING ENDPOINT DEFENSES. THE WORLD WILL BE MORE SECURE WHEN ALL ENDPOINT AGENTS CAN REPAIR THEMSELVES TO PRESENT A UNITED FRONT IN THE BATTLE AGAINST PERSISTENT ATTACKERS AND INSIDER THREATS.

HOW APPLICATION PERSISTENCE LEVERAGES EXISTING INVESTMENTS

Traditional security tools, which may include existing security investments, cannot protect devices when they are off the network or the agent is somehow disabled. What's needed is always-on visibility and instant remediation of all devices even when off the corporate network.

Application Persistence addresses the problem of dark endpoints because it maintains a constant connection with the device, whether it's on the network or off, or otherwise compromised. And that connection enables self-healing by triggering the re-installation of critical software.

ABSOLUTE CURES THE ROOT CAUSE OF ILLNESS, NOT JUST SYMPTOMS

Humans have a remarkable immune system that triggers self-healing whenever an attacking body intrudes on the system or develops from within. This self-healing strategy pays off big dividends by giving humans astounding resilience. In a similar way, the IT and Security industry needs self-healing infrastructure to build robust immunity to thwart illnesses from attacks from within (insider threats) as well as from the outside (exfiltration). Absolute enables self-healing built into every endpoint, which is the key to enterprise resilience in the face of unrelenting attacks and never-ending vulnerabilities.

Fortunately, Application Persistence illuminates these dark endpoints, attacks the core of the security illness, and empowers your organization with innovative real-time self-healing remediation. It's not about replacing your existing security investments; it's about strengthening them and taking a holistic approach to security. With over ten years of experience in self-healing endpoint technology, Absolute's partnership with leading device manufacturers ensures Persistence technology is already embedded in over 1 Billion laptops, tablets and smartphones globally. Simply stated, Absolute is already there in your enterprise's devices. All that is required is activation of Application Persistence.

Your organization too can leverage self-healing infrastructure with Absolute's Application Persistence solution. For more information about Application Persistence, contact Absolute for an audit and security assessment. Get more insights on Application Persistence at absolute.com/products/application-persistence.

CONCLUSION

Endpoint security and asset management assumptions and myths must be challenged as the advanced threat landscape, the way we work, and emerging platforms constantly change and evolve. But with this flux, endpoints are no longer just on the network or within traditional firewalls. Dark endpoints, including many that are perceived to be reporting in and secure, are breeding grounds for data breaches. The current approach to endpoint security is often fragmented, takes a considerable amount of manual IT effort, and is mainly treating the symptoms, not the illness.

FOOTNOTES:

[1] IBM and Ponemon Institute 2016 Cost of Data Breach Study
[2] Ponemon Institute The Cost of Insecure Mobile Devices in the Workplace
[3] Insider Threat Security Manifesto, IS Decisions Study
[4] Symantec Internet Security Threat Report 2016
[5] IS Decisions Study

ABOUT ABSOLUTE

Absolute is the leader in self-healing endpoint security with a fundamentally new approach that ensures uncompromised visibility and real-time remediation to stop breaches at the source. Our SaaS platform puts IT and security professionals in total command and control of devices, data and applications, whether they are on or off the network, to improve IT asset management, ensure compliance, protect data and reduce insider threats. Our core technology advantage, Absolute Persistence, is embedded in over a billion popular devices, giving our platform and other endpoint controls the power to self-heal and withstand user errors or malicious attacks while returning to an original state of safety and efficacy. With this trusted two-way connection, our customers can see it all and secure it all with zero impact on users. More than 25,000 organizations and the world's leading device manufacturers, including Acer, Dell, Fujitsu, HP, Lenovo, Samsung, and others, rely upon Absolute's self-healing endpoint security solutions for the ultimate awareness and resilience. For more information, visit www.absolute.com.

Always There, Already There.

Only Absolute gives you the uncompromised visibility and real-time remediation to stop security breaches at the source. This is made possible by our Absolute Persistence self-healing technology, embedded in over a billion popular endpoint devices for the power to withstand user error or malicious attacks and return to an original state of safety and efficacy. No other technology can do this. For more information, visit absolute.com.

© 2017 Absolute Software Corporation. All rights reserved. Absolute and Persistence are registered trademarks of Absolute Software Corporation. All other trademarks are property of their respective owners.

ABT-endpoint-protection-WP-E-020917