Maintaining network security is one of the biggest challenges any enterprise faces. This isn't just an IT issue, as data breaches and other security incidents such as ransomware or DDoS attacks can greatly disrupt operations, leading to lost income and reputation.
As such, you need to take a holistic approach to protecting your systems, and one element of that approach you can't afford to overlook is endpoint hardening.
Why endpoint hardening matters
Endpoint hardening refers to boosting the protection of end-user devices used to connect to your network. Traditionally, this has included desktop and laptop PCs, as well as mobile devices such as smartphones and tablets, and meant safeguarding them from malware and other intrusions hackers may use to gain access to a network.
According to the Ponemon Institute, almost seven out of ten firms (68%) experienced an endpoint attack in 2020 that compromised data or their IT infrastructure, with the cost of a successful attack increasing to an average of $8.94 million per incident.
What's more, 51% of firms said these issues were hard to deal with because their existing endpoint security was unable to detect advanced attacks.
This is a situation that may become even more challenging in the coming years, as trends such as BYOD and the IoT mean the scope of these activities has increased dramatically.
At the same time, the rise of remote and flexible working also increases the footprint of your network and often introduces poorly-protected endpoints that hackers are eager to exploit.
Even before the shift in working patterns brought about by COVID-19, LogMeIn found 30% of IT professionals admitted they weren't sure how many endpoints their company actually had, and the pressures these employees face have only increased since.
Protecting both software and hardware
To defend your endpoints from threats, there are two key areas to focus on - protecting the software and protecting the hardware.
When it comes to software, tools such as antimalware services are vital, as are effective access management solutions. For example, the use of two-factor authentication should be a bare minimum to prevent the risk of hackers using compromised passwords to gain access to an endpoint's software. A good patch management strategy is also essential, so organizations need a plan to update endpoints that are off-premises.
On the hardware side, solutions such as disabling USB ports can help prevent the use of external plug-in tools that can bypass restrictions. Full encryption of hard drives is also vital to prevent information being compromised if a device is lost or stolen. This ensures that data is protected at rest as well as when it's in transit.
Performing a regular audit of your endpoints is also vital. How frequently you do this will depend on:
- The type of device
- Who's using it
- How critical the data held on it is to your overall business operations
A clear plan on what to do if a device goes missing - such as wiping hard drives remotely - should also be considered.
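As an added example (not part of the original article), the sketch below checks a constructed endpoint inventory for the controls named above and flags audits that are overdue based on device type, user and data criticality. The field names, the 30-day patch threshold and the audit intervals are illustrative assumptions.

```python
from datetime import date

# All thresholds and field names below are illustrative assumptions.
MAX_PATCH_AGE_DAYS = 30
BASE_INTERVAL = {"desktop": 180, "laptop": 90, "mobile": 90}   # by device type
PRIVILEGED_ROLES = {"admin", "finance"}                          # by who uses it

# Constructed sample inventory, not real data.
INVENTORY = [
    {"host": "lt-fin-01", "type": "laptop", "role": "finance", "criticality": "high",
     "mfa": True, "disk_encrypted": True, "usb_disabled": False, "remote_wipe": True,
     "last_patched": date(2024, 5, 20), "last_audit": date(2024, 5, 1)},
    {"host": "dt-front-02", "type": "desktop", "role": "reception", "criticality": "low",
     "mfa": False, "disk_encrypted": False, "usb_disabled": True, "remote_wipe": False,
     "last_patched": date(2024, 2, 10), "last_audit": date(2024, 1, 15)},
    {"host": "ph-sales-03", "type": "mobile", "role": "sales", "criticality": "medium",
     "mfa": True, "disk_encrypted": True, "usb_disabled": True, "remote_wipe": True,
     "last_patched": date(2024, 5, 28), "last_audit": date(2024, 1, 10)},
]

def control_gaps(ep, today):
    """Return the hardening controls from the text that this endpoint is missing."""
    gaps = [name for name in ("mfa", "disk_encrypted", "usb_disabled", "remote_wipe")
            if not ep[name]]
    if (today - ep["last_patched"]).days > MAX_PATCH_AGE_DAYS:
        gaps.append("patches_stale")
    return gaps

def audit_interval_days(ep):
    """Shorten the audit interval for privileged users and critical data."""
    days = BASE_INTERVAL[ep["type"]]
    if ep["role"] in PRIVILEGED_ROLES:
        days //= 2
    if ep["criticality"] == "high":
        days //= 2
    return days

def audit_report(inventory, today):
    """Map host -> (missing controls, audit overdue?)."""
    return {ep["host"]: (control_gaps(ep, today),
                         (today - ep["last_audit"]).days > audit_interval_days(ep))
            for ep in inventory}

if __name__ == "__main__":
    for host, (gaps, overdue) in audit_report(INVENTORY, date(2024, 6, 1)).items():
        print(f"{host}: gaps={gaps or 'none'} audit_overdue={overdue}")
```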
Why you need to think like a hacker
Technology tools such as endpoint detection and response (EDR) software can play a major role in protecting your business from these threats, but they can struggle with more advanced attacks, such as those that exploit zero-day vulnerabilities. Meanwhile, hacking techniques such as social engineering look to bypass these defenses completely.
For example, basic access management solutions to protect endpoint software can easily be overcome if hackers trick users into handing over information, or even politely ask someone to hold a door open for them so they can gain physical access to a restricted area where endpoints may be freely available.
Traditional security strategies may not fully take these risks into account, so to beat the hackers, you have to think like them. One of the best ways to do this is to try to break into your own systems in the same way that an outsider would, looking for weaknesses and loopholes that can be exploited from another perspective.
How ethical hacking can toughen your defenses
This is known as ethical hacking and it should play a key role in testing the effectiveness of your endpoint hardening efforts. Often, vulnerabilities can be overlooked by IT teams because these professionals are too close to the system and get stuck in the mindset of doing what you're 'supposed' to do. For example, their solutions may be built on the assumption hackers will follow certain logical steps when trying to break into an endpoint, when in reality, this may not always be the case.
An ethical hacker, on the other hand, will have no such prebuilt notions. Ideally, they should come from outside the security team, which is why many firms turn to outside professionals for ethical hacking activities.
There are a few key stages to any successful ethical hacking strategy. After the goals and scope of the effort have been determined, the first step is passive and active reconnaissance of a network to identify any obvious points of entry.
Then, the hacker should start probing entry points to look for errors such as misconfigurations and other potential attack surfaces. They should also focus on the human elements, whether this is taking advantage of weak passwords, phishing tactics or even gaining physical access.
Such techniques are great for finding holes you didn't know existed in your defenses. And with more remote endpoints than ever that may be out of sight and out of mind, being able to think like a hacker is vital in plugging any gaps before they lead to a real-world breach.