In the world of enterprise technology, one of the biggest areas of concerns for Chief Security Officers (CSO) are the laptops, desktops, tablets, smartphones and other connected devices used by staff. Each one represents a potential vulnerability: where sensitive company data could be lost, leaked or intercepted.
For the CSO, protecting thousands of end-point devices often feels like a game of ‘Whack-a-mole’, as new threats continually surface in the ever-evolving cyber-crime landscape. In fact, an organisation’s endpoints are often the most vulnerable areas in their entire IT landscape, holding vast amounts of often-sensitive data, and proving very difficult to control.
Based on interviews with clients, Commvault research pegs the average cost of losing a laptop at almost $50 000 – including the hardware replacement and the value of the information residing on the device.
In the digital era, where data is the new currency, losing critical company data can have severe ramifications.
The answer to this problem may lie in embracing modern, converged solutions, which we could group under the umbrella of ‘Endpoint Data Protection as-a-Service’. This approach reduces the risk of data loss from stolen or compromised devices by securely hosting all endpoint data in the Cloud, and giving staff and managers unprecedented control to lock or remotely wipe any devices that have been compromised or lost.
With Endpoint Data Protection as-a-Service, firms can eliminate the need for in-house infrastructure, applications or dedicated resources to constantly monitor endpoints.
As you consider moving your Endpoint Security to an ‘as-a-service’ model, you should critically analyse the options available to you, keeping a keen eye out for features like:
- Full visibility into the Endpoint data – including comprehensive data records and activity logs so you always know just what data is ‘out there’ (in many sectors, this is also required for governance, risk, compliance and legal reasons).
- Employee self-service – so that staff can log-in from any web browser, to report a laptop or device missing, and remotely wipe all the data that is stored locally on the hardware.
- Secure file-share – for staff to transfer files to each other with utmost security, supported by advanced encryption, and with master copies stored on central servers.
- Geolocation tracking – to show exactly where devices are at any point in time
- Policy-based configurations – enabling the IT team to customise your Endpoint solution to fit with your organisation’s specific needs
- Clear reporting – to give executives a dashboard view of the data that is stored on Endpoints, as well as any incidents logged in that reporting period.
Like almost all other enterprise technology domains, Endpoint security seems to be on a relentless journey to the Cloud. Fully-managed, Cloud-hosted solutions are able to ‘move with the times’, always staying ahead of the latest cyber-security threats.
And this need has never been greater…
In 2017, cyber-security shot to the top of boardroom agendas in the wake of a number of global incidents (headlined by the ‘WannaCry’ ransomware attacks) and the same is expected for 2018. Every day, more news seemed to pour in – about malware, ransomware, identity theft and other devastating cyber-crime tactics.
Closer to home, South Africa is on high-alert. According to Fin24, almost 9 million South Africans annually are now victims of some form of cyber-crime, with a number of security experts regarding South Africa as something of a soft target for criminal syndicates.
Unlike the previous-generation approach of on-premise, owned infrastructure and applications, organisations opting for the ‘as-a-service’ model benefit from greater flexibility and control.
They’re able to get up and running immediately, can quickly change service providers if they need to, and deploy in-house IT resources to more strategic or value-adding activities (safe in the knowledge that all Endpoint data is fully secured and backed-up).
By Johan Scheepers – Systems Engineering Director for MESAT, Commvault