We often overlook endpoint security when discussing cybersecurity. Cybersecurity incorporates network security and endpoint security. Most of the time companies predominantly focus on their network security and neglect their endpoint security. Firewall breaches seem like the most obvious way for hackers to attack networks, so we shore up the network defenses and prepare to withstand those attacks. Unfortunately, hackers realize that their proverbial siege on firewalls wastes time if an easier method for breathing the network exists. Rapid 7 Blog reports that 70% of successful breaches originate at endpoints. They reassure us that most of the time, hackers, not untrustworthy employees, breach the endpoints. Forbes reports, “Only 29.6 % of all enterprises globally consider endpoint security to be a significant component of their overall cybersecurity strategy.” With endpoint security shoved to the back burner, hackers will continue to exploit endpoints to breach networks.
Keeping your network safe requires significant time and resources. We know the difficulties that small business owners face with maintaining their IT, so we wrote a list of common issues to keep an eye out for.
- Phishing – As the name implies, Phishing dangles bait in front of users to lure them into a trap. Phishing most commonly occurs via email, but hackers use phone calls, texts and instant messages too. Hackers create messages mimicking those of legitimate corporations. They request personally identifiable information (PII) such as bank account numbers, social security numbers, credit card numbers, passwords, and other sensitive data. Phishing emails attempt to prey on your emotions to force you into taking immediate action. For instance, many phishing messages sound like this: “you have won a…” or “if you fail to verify your account now …” Phishing messages always urge for immediate action. Remember, legitimate companies never require you to send PII over the internet and any message that requests for PII transmission via the internet warrants suspicion.
- Passwords — Password security continues to grow in importance as technology evolves. New programs increase hackers’ success rate at guessing passwords. Institute regular password changes as a part of your company’s policy. Set up password requirements such as using a capital letter, lowercase letter, number, symbol, and a minimum of six characters. Always remind employees to avoid using names or dates associated with them. Make sure that you change all default passwords. Leaving default passwords on devices and systems is a sure way for your endpoints to be compromised. Never use one master password for your organization’s devices. New biometric security helps increase endpoint security and purchasing devices with facial recognition or fingerprint access helps increase endpoint security.
- Monitor endpoints – Use software to manage and monitor endpoints. Software such as Symantec or Malwarebytes provides the ability to monitor endpoints for suspicious activity. Monitoring accounts consistently helps spot compromised accounts and respond to potential breaches. Install these programs on all company devices.
- Establish a VPN – VPN’s or virtual private networks allow for a secure connection for your employees working offsite. It hides your PII when you access the internet. The new growth in technology allows employees to work remotely and VPN’s provide a secure way for them to work without fear of an endpoint breach.
Coupling endpoint security with network security overwhelms everyone. With so many vulnerabilities for hackers to exploit, it seems impossible to protect yourself from a serious breach.
Origami Technology Group provides network security and endpoint security options. We can help secure your network so you can focus on the important tasks that grow your business. If you have any questions or need help with your endpoints, reach out to us at email@example.com.