3 questions to ask when managing endpoints

Derek Schauland

Having information almost immediately to hand is great, right?  Maybe not when it comes to the security of your own network. Since almost every phone, tablet or phablet in use today brings Internet access along for the ride and can also attach to wireless without much help, it is conceivable for employees to bring their devices to work and use them as part of the toolset needed to do their job.  As these devices connect to the network, IT Pros need to be more aware of them than ever before when managing endpoints.

Why should you care about other devices?

derekJust because they can access the Internet, there is no guarantee that they are protected against viruses and/or malware. Indeed few mobile devices run antivirus software, predominantly on the grounds that the programs significantly reduce battery life. So, if a smartphone is infected and connects to your corporate WiFi, other devices on that network could easily be compromised.

Because the phone is likely owned by an employee personally, even if IT was able to chase down the device that brought the malware, the owner of the phone may not allow the device to be scanned, accessed, etc. 

The number of these devices around is growing rapidly, so the likelihood that an infected device reaches a corporate network is also rising.

Aside from knowing about mobile devices in a networked environment it is also a good idea to be scanning for changes to general network topology or devices that appear out of nowhere. The switching and data center infrastructure may be secured with all the access control in the world, but port 25 in the maintenance shop could be open for use with a company laptop and someone could plug any device they like into that port. If a wireless router were plugged in, the network could be broadcasting to the world. Without scanning, IT would never know about it. 

These examples are extreme and possibly a worst-case scenario, but the threat of data loss is very real.  Because companies must do all they can to keep more than just trade secrets secure; monitoring the network for all types of devices should be part of the landscape. The reports of issues should appear when they are needed and other than adding new device types to watch for or subnets to monitor the scanner should be something that is reliable and just works. 

Will it take time to get to this point? 

Sure. But using these techniques to keep all of your information and your customer's information as safe as possible will be worth more than anyone can imagine as the information age moves forward and data breaches become the norm.  Unfortunately, with the number of breaches hitting the news as of late the possibility of data loss by any size company is all too real and both the IT leaders and the employees of organizations the world over need to be paying attention and doing their best to keep things secure.

How can everyone help to make your corporate world a safer place?

The easiest way is to ensure all devices are configured with antimalware applications. Sure the IT department in an organization will take this responsibility and make sure updates are being done and things keep moving. Outside of the office environment though, they cannot enforce these same rules and it is up to the consumer to be just as vigilant. 

Keeping all of your devices protected against malware and being conscious of the surfing being done on them is a great first step in keeping your computers secure and free of trouble.

–––––––––––––––––––––––––––––––––––––––––––––––

Want to know more about security? Then check out the videos serious by our security lead, Ian Trump…