CyberEye

Securing the human endpoint

Endpoint protection has become a major focus for agency security efforts over the past few years, as mobile devices proliferate and the bring-your-own-device movement grows as a major factor in government communications, even when agencies remain leery about it. But is it the device or the employee using it that’s the greatest threat?

Organizations such as the Defense Information Systems Agency have made their concerns over endpoint security clear. Early in 2015, DISA put out a request for information on next-generation solutions, saying the endpoint had evolved “to encompass a complex hybrid environment of desktops, laptops, mobile devices, virtual endpoints, servers and infrastructure involving both public and private clouds.”

That complicated soup of devices and technologies is defeating agencies’ attempts to bolster their overall security, according to a recent report. Federal IT managers surveyed by MeriTalk estimated that just under half of the endpoints that can access agency networks are at risk, with nearly one-third saying they had experienced endpoint breaches due to advanced persistent threats or zero-day attacks.

As DISA pointed out in its RFI, traditional signature-based defenses can’t scale to cover agencies’ sprawling endpoint infrastructures, especially when exacerbated by the growth of virtualization.

However, even if agencies could tie down the physical security of endpoints — and the MeriTalk survey shows they are failing at that — there’s still the matter of employees and their actions. It’s no use having good endpoint security if the behavior of the user negates that.

The Ponemon Institute made that point at the beginning of 2015 in its annual look at the state of endpoint security. That study concluded fairly bluntly that negligent employees who do not comply with security policies are seen “as the greatest source of endpoint risk.”

Some of the problem is based on the sheer demand for endpoint device connectivity that is overwhelming IT departments. Over two-thirds of the respondents in the Ponemon study said their IT groups couldn’t provide the support for that, while the same number admitted endpoint security has become a far more important part of overall IT security.

Bookending that Ponemon report is a study published a few days ago by Ping Identity, which surveyed employees at U.S. enterprises and concluded that “the majority of enterprise employees are not connecting the dots between security best practices they are taught and behavior in their work and personal lives.”

Employees are doing some things really well to keep data secure, according to Ping, and following good security practices, such as creating unique and strong passwords. But then they reuse those passwords across personal or work accounts and share them with familiar colleagues.

“No matter how good employees’ intentions are,” said Andre Durand, Ping’s CEO, “this behavior poses a real security threat.”

Now, take the enterprise infrastructure even further to include partner organizations that have network access, such as service providers or, in the case of government agencies, contractors. No matter how bulletproof the prime organization’s security, if those partners have holes in their endpoint security, attackers will find and exploit them.

That was the reason behind some of the biggest security breaches of the past two years.

All of which seems to beg the question of what is meant by endpoint security. If organizations in 2016 bear down on securing their endpoints — which they will have to do — just what exactly is an endpoint? Is it the device, virtualized or not, or does it come down to the user? There are some good endpoint security solutions that have been developed, but how will they take the human into account?

That could be the biggest factor for IT security in the future.

Posted by Brian Robinson on Dec 04, 2015 at 1:26 PM



Reader Comments

Mon, Dec 14, 2015 Kevin Hollywood Land

It doesn't matter what the endpoint is.. It could be chicken and waffles for breakfast.. The beginning point is what matters. You find attacks by reverse engineering perhaps..? I don't know I'm not a network expert. Network security should be taught to the client before they are even allowed to sit at a desk. Sure it will cost more for the employer. Actually hiring trained professionals, Loss of data Can be Easily fatal. It's so simple network security experts are missing it. Or are you.. Problem fixed what job would a network guy do... Trying to fix what's broke instead of not letting it break. Prevention is the answer. Not just improving prevention, really creating it. Real prevention has not been created or else the endpoint wouldn't matter. Prevention including unplugging all the servers. Let's see what zero day attacks can do then.. Without the beginning it's already an end. A simple physical device between the Clients data and their authorized user before it is connected Network. It's something physical between the user and the data. Therefore authentication can't be granted remotely with someone's Facebook password. This would work if I was allowed to show you how to send and receive data and a physical device I have an idea for. Also the end user. Some miserably unhappy not feeling loved admin assistant. An environment needs to be created that takes away super user privileges, without terminal authorization from the physical computer. This would be the physical device I mentioned earlier that I have designed. SuperUser granted access by worker group. That would make them feel good, and perhaps a part of something, part of security, part of a team.. Give them pride in the authorization of something besides the postal meter. Then maybe they will stop selling me your clients door keys. bad joke
Anyways I need a job
Best Kevin
