It’s remarkable how quickly enterprise IT is changing. A few years agomany offices had employees working primarily on-premises usingdesktop devices, now it’s increasingly common for employees to work remotely using some combination of desktops, tablets, laptops and smartphones. Case in point: The COVID-19 pandemic forced businesses to quickly adapt to closures and get a percentage of their workforces working from home — if they already hadn’t.
While the ability to access networks from endpoints brings with it many benefits — like increased flexibility for workers — it also leaves companies vulnerable to cyberattacks without ample security in place.
Here are five reasons it’s critical to take endpoint security just as seriously as security on premises, if not more so.
#1: The number of attacks on endpoints is rising.
According to research from the Ponemon Institute, nearly seven in 10 (68 percent) of IT specialists report their company fell victim to at least one endpoint attack compromising data assets or IT operations in 2019. Two years prior, that number was just over half (54 percent).
The takeaway? Endpoint breaches are on the rise, which means enterprises need to do everything they can to secure endpoints on the network.
#2: Successful endpoint attacks are becoming more costly.
In 2019, the cost of an endpoint attack reached $8.9 million — an increase from just over $7 million in 2018 and about $5 million in 2017. Attacks are becoming more frequent andmore expensive each year.
When enterprises consider the price tag of a cyberattack, it’s important to factor in IT downtime as well as lost user productivity and the costs associated with compromised data. While it may never be possible to prevent all cyberattacks, taking endpoint security seriously ahead of time is the only way to reduce the risk.
#3: More endpoint devices are connecting to enterprise IT networks.
In addition to more employees harnessing mobile devices for work, enterprise IT networks are seeing an influx of Internet-of-Things (IoT) devices, point-of-sale (POS) terminals, servers and more. This wider range of devices offers more vulnerabilityfor hackers to exploit when security is lax.
#4: IT teams must mitigate shadow IT and keep software current.
A tricky aspect of managing endpoint devices is some of them fall outside the oversight of IT. This has given rise to “shadow IT” — or usage of devices and software beyond the approval and regulation of the IT department.
As much as companies would like to count on users to maintain cybersecurity protocols to counter potential susceptibilities, it’s simply unrealistic. As Security Intelligence points out, users are prone to downloading “unapproved applications” which can open networks to malware. Lost or stolen devices can also provide hackers with the credentials they need to infiltrate a network. Without up-to-date security applications and operating systems, devices are more vulnerable to endpoint attacks.
#5: IT teams can become overwhelmed trying to protect endpoints manually.
With expanding networks and increasing cyberattack threats, even the most diligent and qualified IT teams can become overwhelmed trying to protect endpoints manually.
Hiring dedicated cybersecurity personnel is certainly an option if it’s in the budget, and if companies are able to find experts with the skillset needed to minimize attacks. Another option is deploying third-party endpoint detection and response (EDR). This technology — which can be cloud-based, deployed on-premises or adopted as a hybrid approach — monitors network activity, analyzes events and responds to threats immediately for continuous supervision.
Endpoint security is critical because more of them are joining enterprise IT networks and organizations are experiencing more — and costlier — attacks on them.