Posted inOpinion

Delivering secure enterprise networks in a post-pandemic working environment

As businesses battle with functioning in new areas, including hybrid and remote working environments, the necessity to remain on top of cybersecurity challenges has intensified

Chris Vaughan, area vice president of Technical Account Management, EMEA at Tanium

Imagine you have an office filled with valuable items. You leave the door open and invite people to borrow whatever they want from it. Very quickly, you’ll lose sight of where your valuables have gone, making it difficult to track and recoup them later.

This analogy accurately captures what’s been happening to endpoint data management throughout the pandemic.

Prior to the unravelling chaos of the past two years, employees were provided with approved tools, data storage and devices to do their job within the office.

This level of control meant that data retention policies could easily be applied to the data employees encountered, enabling compliance with data privacy regulations.

In short, employees were only able to access your valuables from behind a locked door, providing valuable security, while also preventing important assets from going missing.

However, the pandemic flung that door wide open with the surge of remote and hybrid working.

Personal devices were used to fill the gap in the mad rush to work from home and realise business continuity, meaning sensitive data began to circulate over much broader online territory.

Ascertaining what data you have and where it sits within your business became a common struggle for organisations across industries.

Due to the increase in personal devices being used in professional context, this has caused an increase in associated vulnerabilities.

Disjointed cybersecurity defences became commonplace as a result of this transition because traditional safeguards tend to rely on data visibility. After all, if you can’t see your data, you can’t protect it.

Naturally, this fragmented approach to security stoked fears across the industry of intellectual property thefts, customer disruption and reputational damage.

To secure networks against these threats, IT teams need to ensure they have full visibility of all assets across their corporate network.

Importance of building a complete inventory

The personal devices that were introduced into businesses during the onslaught of the pandemic have certainly muddied the waters when it comes to data visibility.

For instance, if your data is on an employee’s personal device then you can’t guarantee that your corporate proprietary information is properly safeguarded – which could be highly damaging if ransomware invades your infrastructure.

enterprise
IT teams need to ensure they have full visibility of all assets across their corporate network. Image: Shutterstock

Conducting a complete endpoint inventory can help rectify this lack of visibility by outlining all endpoints, cloud services and shadow IT to identify where the risk lies within your business.

From here, you can bolster the weak spots that your inventory identifies, lowering the risks that emerge throughout the shift to hybrid or remote working.

Almost 56 percent of professionals intend to switch jobs in 2022, a recent survey revealed. This continued trend, dubbed “the Great Resignation era,” provides a timely example of how data can be better protected when endpoint inventories are used to inform cyber-defences, especially when it comes to off-boarding processes.

You may find that some former employees were accessing your business’ data through personal devices throughout the pandemic, in which case your off-boarding process will have to be updated to accommodate these unmanaged devices.

In fact, an added difficulty is being legally covered to manage endpoints when the organisation does not own them.

After all, how can your business ensure company data is encrypted or erased when an employee no longer works at the company?

By updating off-boarding processes to include unmanaged devices, organisations will strengthen their cybersecurity and ensure consistency across all endpoints, reducing the risk of data loss and its expensive repercussions.

Enhanced visibility through a platform approach to endpoint management can also reduce costs by allowing you to determine areas where you might be overcompensating on cyber-defences, thus eliminating redundancies and allowing for increased efficiency throughout your security stack.

Securely moving and storing data

Data isn’t stagnant, it’s constantly moving. Once you ascertain what data you have and where via your endpoint inventory, you’ll need to ensure you can keep track of it.

Working with pattern recognition driven controls in place is one effective way to help maintain your visibility.

Data monitoring tools can detect files that have sensitive information and create filters to set up data patterns which proactively target those that are most likely to be at risk.

These tools have a categorising system which creates varying security levels for data ensuring that only the necessary employees – determined through job role and seniority – can access specific data. Less exposure of sensitive data to the broader workforce lowers the risk of a data leakage.

However, while tools can be a huge help in keeping your eyes open, they can’t compensate for employee security errors or ill-intent.

These tools must be paired with ongoing training that highlights why endpoint security is so crucial and clearly outlines expectations for securely handling data.

You may even want to conduct disaster recovery training to ensure that if there’s a leakage, your response can be as proactive as possible to mitigate the fallout.

Almost 56 percent of professionals intend to switch jobs in 2022, a recent survey revealed. Image: Shutterstock

Manning endpoints proactively

When problems aren’t obvious, they can easily go unnoticed. This is especially true in the field of cybersecurity.

Too often, a company must first fall victim to a devastating ransomware assault before taking steps to prevent further data loss.

Understanding the data flow and being aware of where data is stored across your business’ endpoints allows you to spot problems before they become serious. This means that an attack can be avoided as new measures can be implemented proactively.

According to our latest research, organisations that take a proactive approach to cybersecurity are much less likely to incur a cyberattack than those that react.

According to the report, IT decision makers who took a proactive strategy saw nearly 10 percent fewer cyber-attacks in the last two years than those who used a reactive one.

Of course, many IT departments have been promoting a proactive strategy for some time. However, as businesses battle with functioning in new area, such as the hybrid and remote working environment, the necessity of remaining on top of this real challenge has intensified.

To protect your data, you must be able to see it coming in and out of your organisation. This begins with staffing the front entrance of your company, which in this case is your endpoints.

Chris Vaughan, area vice president of Technical Account Management, EMEA at Tanium.

Follow us on

For all the latest business news from the UAE and Gulf countries, follow us on Twitter and LinkedIn, like us on Facebook and subscribe to our YouTube page, which is updated daily.

Abdul Rawuf

Abdul Rawuf