With security researchers across the world suggesting at least two-thirds of all cyber-attacks are initiated through compromised endpoints, it is critical develop a strategy that protects each different type of endpoint with appropriate controls. But that can be challenging in a world where there are mobile devices such as smartphones and tablets that require different controls to laptops used in the field or PCs inside the corporate network.
Creating an endpoint security strategy that caters for these diverse use-cases requires an orderly approach. Michael Covington, the Vice President for Portfolio Strategy at Jamf says there are three critical elements to consider when formulating your endpoint security strategy.
“The three key elements of an endpoint security strategy are understanding your core requirements and the threat landscape, making sure that you have very clear understanding of the device types and platforms that you're going to be protecting and catering for the operational aspects that sit adjacent to the solution you deploy.”
Underpinning that, ranking the risks that you're most concerned about must be considered when evaluating the solutions that plan to acquire. By focussing solution efficacy, organisations can maintain a defence in depth strategy without being distracted by device diversity.
Covington says the focus in strategy formulation is often centred on the feature list. But when strategy development moves into the real world of execution there can be challenges. Not enough time is put into planning and how to manage a device securely through its entire lifecycle. Many organisations don't consider all the connective tissue in a project.
“Many organisations struggle with usability. They plan the absolute best solution from a feature perspective, but they don't always think about the impact on their end users or on operational staff to oversee that solution and deployment,” he explains.
Like any significant project, finding a starting point can be the hardest part. Covington offers this advice.
“The best place to start formulating your endpoint security strategy is to read up on the current threat landscape and linking that to the types of risks your workers are likely to encounter. For so long now we've looked at device management, endpoint security and remote access as different areas that require different strategies. We're operating in an integrated world where each one of those capabilities feeds the other. If you plan your strategies accordingly, you can get a real benefit by bringing these tools together when you're formulating your strategies in these different areas.”
Read the full State of Security Report Here:
