Endpoint security: Corporate cybercrime’s best defence

Biju Bhaskaran, Alpha Data

Biju Bhaskaran, Presales Manager, Alpha Data, encourages regional enterprises to deploy advanced protection at the endpoint level to stay ahead of threats. 

Cybercrime poses a serious and growing threat to the Middle East’s corporate world. In 2015, enterprises operating here posted larger losses than in other regions as a result of cyber intrusions, according to a survey of over 300 companies. More than half reported losses of more than $500,000, as compared to 33 percent globally. An estimated 13 percent also gave up at least three working days due to cyber incidents versus 9 percent in other parts of the world. Moreover, 18 percent of respondents confirmed being victimised by more than 5,000 attacks – the highest rate of any region and double the 9 percent global average.

Despite these alarming figures, a UAE survey shows that 71 percent of Chief Information Officers admit to a one- to two-week window before they detect costly network breaches. Moreover, three out of four respondents are more likely to react to rather than prepare for online attacks. Such complacency leaves room for even more intrusions in the future, and could prove highly damaging given how both the complexity and frequency of digital crimes are growing at an exponential rate.

Traditionally, enterprises have relied on sophisticated yet traditional endpoint security providers and network firewalls to guard themselves against attacks. Unfortunately, today’s corporate networks are easily accessible to various endpoints due to the high degree of mobility supported by wireless and mobile devices such as tablets, laptops and smartphones. This has made it impossible for centralised IT security solutions to effectively protect an organisation’s entire digital perimeter. In addition, the rise of social engineering has made corporate information vulnerable to attackers who hack endpoint devices through human interaction.

Endpoint security is a new paradigm for defending networks from the plethora of devices remotely bridged to them across multiple locations. Under the concept, partial or full responsibility for security is assigned to each endpoint connected to the enterprise network. The entry point can be a laptop or desktop computer, a data centre server, a mobile phone, or even just a USB drive. Endpoint security follows the client/server model in which a centrally managed server or gateway contains the security programme while the client programme is installed on each device linked to the network. It thus differs from the conventional endpoint security approach, which safeguards the network as a whole rather than as individual components, and ultimately offers a more effective and practical ‘divide and conquer’ approach.

Once a tablet, laptop or any other device connects to an enterprise network, a gateway for potential threats is automatically created. Here in the Middle East, organisations have typically protected such endpoints mainly through traditional software, which is vulnerable to zero-day attacks and other more complex and elusive breaches. While signature-based measures are still essential defenses, we highly encourage companies in the region to incorporate more advanced protection at the endpoint level. We particularly advise that more attention be paid to internet-facing endpoints given the growing adoption of the cloud and the Internet of Things. Given the emergence of cutting-edge and complementary cybersecurity technologies, we believe that the time is ripe to veer away from traditional signature-based prevention and towards proactive integrated endpoint prevention.

Although the Middle East endpoint security market is currently worth more than $100 million, many endpoint implementations are still based on signatures or white labelling, which are not enough to handle zero-day malware or ransomware attacks.

More preventive measures based on attack execution techniques supported by multiple security automation tools need to be deployed. Depending on an organisation’s business and IT infrastructure, integrated endpoint security can feature functionalities such as malware removal based on existing signature files and heuristic algorithms; network access control; built-in antispyware protection; privileged user control; data loss prevention; disk, endpoint, and email encryption; data classification; and input/output control inclusive of portable devices, among many others.

Endpoint security can be a major step towards the unknown for many organisations, so Alpha Data is focusing on integrating end-to-end security solutions without disrupting operations or making a huge dent in the budget. The company is also positioning endpoint security to cover both known and unknown attacks and protect all market verticals, which stand to lose significant brand trust and revenue from even the slightest breaches. Our approach is to provide the right mix of advanced anti-malware, next-generation firewall, and content security solutions provided via global partnerships with industry-leading technology partners.

Even major traditional endpoint security providers agree that traditional solutions alone are not enough to address today’s challenging threat landscape. They anticipate the volume, frequency and impact of malicious threats, stolen identities, and financial losses to escalate further and consider endpoint security as the best defense against potential attacks. Organisations in the Middle East cannot afford to keep on taking a reactive stance when it comes to cybercrime; they need to be more equipped and prepared than potential intruders and adopt integrated endpoint security measures that proactively anticipate and counter threats and stop hackers cold in their tracks.
