Endpoint visibility: the superhero that delivers secure enterprise networks

10 June 2022

Chris Vaughan, area vice president of Technical Account Management, EMEA, Tanium

Chris Vaughan, area vice president of technical account management, EMEA, Tanium

Imagine you have an office filled with valuable items. You leave the door open and invite people to borrow whatever they want from it. Very quickly, you’ll lose sight of where your valuables have gone, making it difficult to track and recoup them later.

This analogy is an apt explanation of what’s been happening to endpoint data management throughout the pandemic. Prior to the unravelling chaos of the past two years, employees were provided with approved tools, data storage and devices to do their job within the office. This level of control meant that data retention policies could easily be applied to the data employees encountered, enabling compliance with GDPR and other data privacy regulations.

In short, employees were only able to access your valuables from behind a locked door, providing valuable security, while also preventing important assets from going missing.

However, the pandemic flung that door wide open with the surge of remote and hybrid working. Personal devices were used to fill the gap in the sudden rush to work from home, which meant sensitive data began to circulate over much broader online territory. Ascertaining what data, you have and where it sits within your business became a common struggle for organisations across industries.

Disjointed cybersecurity defences became the standard consequence of this transition because traditional safeguards tend to rely on data visibility. After all, if you can’t see your data, you can’t protect it. Naturally, this fragmented approach to security stoked fears across the industry of intellectual property thefts, customer disruption and reputational damage. To prevent against these threats, IT teams need to ensure they have full visibility of all assets across their corporate network.

The importance of building a complete inventory

The personal devices that were introduced into businesses during the onslaught of the pandemic have certainly muddied the waters when it comes to data visibility. For instance, if your data is on an employee’s personal device then you can’t guarantee that your corporate proprietary information is properly safeguarded – which could be highly damaging if ransomware invades your infrastructure.

Conducting a complete endpoint inventory can help rectify this lack of visibility by outlining all endpoints, cloud services and shadow IT to identify where the risk lies within your business. From here, you can bolster the weak spots that your inventory identifies, lowering the risks that emerge throughout the shift to hybrid or remote working.

In the Great Resignation era, off-boarding processes provide a good example of how data can be better protected when endpoint inventories are used to inform cyber-defences. You may find that some former employees were accessing your business’ data through personal devices throughout the pandemic, in which case your off-boarding process will have to be updated to accommodate these unmanaged devices. In fact, an added difficulty is being legally covered to manage endpoints when the organisation does not own them. After all, how can your business ensure company data is encrypted or erased when an employee no longer works at the company?

By updating offboarding processes to include unmanaged devices, organisations will strengthen their cybersecurity and ensure consistency across all endpoints, reducing the risk of data loss and its expensive repercussions.

Added visibility through a platform approach to endpoint management can also reduce costs by allowing you to determine areas where you might be overcompensating on cyber-defences, thus eliminating redundancies and allowing for increased efficiency throughout your security stack.

Securely moving and storing data

Data isn’t stagnant, it’s constantly moving. With this in mind, once you ascertain what data you have and where via your endpoint inventory, you’ll need to ensure you can keep track of it. Working with pattern recognition driven controls in place is one effective way to help maintain your visibility.

Data monitoring tools can detect files that have sensitive information and create filters to set up data patterns which proactively target those that are most likely to be at risk. These tools have a categorising system which creates varying security levels for data ensuring that only the necessary employees – determined through job role and seniority – can access specific data. Less exposure of sensitive data to the masses of the workforce lowers the risk of a data leakage.

However, while tools can be a huge help in keeping your eyes open, they can’t compensate for employee security errors or ill-intent. These tools must be paired with ongoing training that highlights why endpoint security is so crucial and clearly outlines expectations for securely handling data. You may even want to conduct disaster recovery training to ensure that if there’s a leakage, your response can be as proactive as possible to mitigate the fallout.

Manning endpoints proactively

When issues aren’t loud and glaring, they can easily go unnoticed. This is certainly true of cybersecurity. Too often, a business will have to first fall prey to a nasty ransomware attack before they put measures in place to prevent further data loss.

Understanding the data flow and being aware of where data is across your buisiness’ endpoints brings dormant issues to the fore before they erupt. It means that there needn’t be an attack before new safeguards are put in place.

Organisations that take a preventative approach to cybersecurity are significantly less likely to experience a cyberattack than those acting reactively, according to our recent research. The survey found that IT decision makers who had taken a preventative approach had experienced over 10% less cyber-attacks in the past two years than those who took a reactive approach.

Of course, a lot of IT teams have been galvanising a proactive approach for quite some time. That said, the urgency of staying on top of this challenge has increased as businesses grapple with operating in new territory – namely the hybrid and remote working world.

The bottom-line is you need to be able to see the data that’s coming in and out of your business to protect it. This starts with manning the door to your business, which in this context, is your endpoints.