Oct 28 2020

Dell Technologies World 2020: 5 Steps to Combat Endpoint Security Threats

With remote work continuing for the foreseeable future, businesses must protect themselves from endpoint vulnerabilities.

Widespread remote work has caused the number of devices connected to businesses’ networks to skyrocket as employees use their company-issued devices alongside their own to do their jobs. As security has shifted to the forefront of the remote work conversation, protecting these endpoints needs to be a top priority.  

“In the time that we’re spending together today, your PC is going to endure approximately 50 cybersecurity attack attempts,” said David Konetski, vice president of security and commercial solutions at Dell Technologies, speaking at Dell Technologies World 2020.

Konetski said this ever-present threat is further complicating security.

“Add that kind of malicious activity to the recent shift in workplace dynamic,” he said, “and now you see a threat landscape that continues to grow and become increasingly complex.”

Konetski laid out five steps that businesses can take to make sure their endpoints are protected.

1. Know the Threat Your Organization Is Facing

To defend against an enemy, you must first know the enemy, Konetski said. For businesses, that means accepting that the security landscape has changed permanently.

“Things are not going to go back to the way they were pre-pandemic,” he said. “So that means you’re going to be dealing with a much larger attack surface and employees who are remote.” 

Remote work has led to a dramatic increase in ransomware activity (148 percent, according to Konetski), and businesses have more elements of operations to protect. 

“The entire model has changed,” Konetski said. “There’s no longer centralized security.”

With cyber espionage rising, it’s important for businesses to know how those bad actors operate. 

“They’re watching to see how the data flows. They are watching to see where that sensitive information is being stored,” said Konetski. “The time between when they instantiate themselves on the network and when they launch their attack is called dwell time. We need to stop that malicious attack during that dwell time.”

2. Assess Your Business’s Security Tools

For businesses to move forward with endpoint security, they must take a look at the solutions and protections they already have.

“How are you encrypting your sensitive information and protecting your data?” Konetski said. “How are you protecting yourself, detecting and remediating attacks?”

Organizations also need to consider the increase in cloud use that comes with remote work and the way user credentials are secured. Many security solutions have these safeguards built in, helping to identify problems using artificial intelligence.

“The first thing they want to do is find out if that bias was maliciously corrupted or whether it was just some kind of anomaly, or maybe it was just a pattern that was meant to be,” Konetski said.

He also said ensuring firmware is up to date is crucial.

“The scary thing is that by 2022, it’s been shown that 70 percent of organizations that do not have a firmware upgrade plan will be breached due to a firmware vulnerability,” Konetski said.

3. Build Your Data Protection Strategy

At the heart of an organization is its data, so it is important to build up those defenses in case endpoint solutions aren’t successful.

“When you’re thinking about a strategy for data protection, you have to think about security,” Konetski said. “What does your encryption look like? And key management members have to think about compliance.” 

Businesses must also look at how users are accessing data in order to find the best protection.

“How is your data being used? Where is it being used? Do you have the ability to set policy around that?” said Konetski. “You’ll also have to think about resilience.”

4. Have a Backup Security Plan

So, what happens if endpoint measures fail and a bad actor breaches your data? Konetski said incident response is key.

“The incident response professionals are trained in rapid containment, damage assessment and eradication of any problem,” he said. “They’re able to go back to the root cause of a problem.”

Once the incident has been assessed and dealt with, it’s also important to get leadership involved to make any necessary changes. Your incident response team must be able to consult different departments. 

“The other side of dealing with an incident is your executives, your board of directors, your customers and your legal department,” he said. 

5. Evolve Your Security Practices Over Time

Once these pieces are in place, it’s important not to end your security journey. As your business and its operations grow and change, security strategies need to evolve as well.  

“How do we know that those solutions are going to evolve with us and protect us against future threats?” Konetski said. “Security solutions normally evolve by using telemetry and analytics plugged into some artificial intelligence and machine learning to evolve the solutions.”

He said Dell can be particularly well-suited for this part of the journey through customizable security solutions that can be tailored to your organization. 

“We have visibility into the supply chain, the hardware, the firmware, the data, the obligations and OS as well as cloud to be able to evolve those solutions to fit your needs for the future,” Konetski said.
