Positioning your cybersecurity investment for a remote workforce: Tier 1 - Endpoint security
Small and medium-sized businesses can evaluate their need to invest in securing their IT infrastructures with a three-tiered risk assessment.
With the current shift of office employees working from home, an increased number of devices are no longer guarded by the usual protections of corporate networks. This exposes companies to greater risks from cyberthreats that can attack via unsecured employee devices. While some IT administrators are prepared for managing and securing remote teams of employees, others may need to either catch up or perhaps review any changes made in haste. Regardless of the stage of preparedness and response, businesses can better understand how the security posture of their companies stand in relation to the tools available for cyber combat by using a three-tiered risk assessment. The bottom tier – Tier 1 – represents the lowest investment into security infrastructure, leaving you at higher risk of a cyberattack. Inversely, Tier 3 represents a higher investment with more risk minimized. Understanding and being strategic about which risks your business can handle helps you to assess what security gaps are still existing and what tools you should be looking for to handle those risks. So let’s begin the ascent up the tiered ladder of cybersecurity tools available for your company.
Outlining endpoint security risks
Depending on available company resources and policy, sending an employee to work from home may mean transitioning your workforce, at least partly, into a bring your own device (BYOD) model. In other words, if there aren’t enough corporate laptops and mobiles to go around, employees may need to use personal devices to carry out work at home. This may especially be the case for small offices/home offices (SOHOs) or even larger businesses should device stocks run out. In such situations, the same security measures that should be in place at any business remain essential. Employees need to have security solutions on each desktop, notebook or mobile device that they use to handle your business’ digital assets. The risks of not being protected at this basic level are too great. Users are exposed to various online dangers ranging from phishing links found in emails or social media to malicious websites and ads and other malware. A security solution acts as a proactive threat detection system that can handle these threats.
Tier 1 – Endpoint security solutions are installed on all devices used for work-related purposes
Employers should ensure that endpoint security software, like ESET Endpoint Security, is installed on employees’ devices. If that is not a viable option, employees should have consumer-grade security software like ESET Internet Security or, at the very least, a free trial of such software. For employees using mobile devices for work, the same principles apply. Employers can protect Android-powered devices with antivirus solutions such as ESET Endpoint Security for Android. Again, employees could also run a consumer-grade version like ESET Mobile Security for Android, which continues to protect phones with a robust free version even if the premium trial expires. iOS-powered mobiles, however, cannot be protected by antivirus software. IT administrators will need to leverage the remote configuration options available via (Tier 2) remote management tools to stay on top of Apple’s mobile devices.
When do SOHOs start to benefit from upgrading to business-grade products?
In the smallest setups, a business has a few employees, and devices are likely protected by consumer-grade security solutions. But, either as the business grows or when employees work regularly away from the office, a few pain points can arise: 1. Work computers have limited file storage capacity, meaning that employees will be tempted to store files in personal cloud storage accounts. 2. Alternatively, employees could transfer files to USB disks and other external storage devices. These devices are usually unencrypted and may have personal files mixed in or, worse, malware. 3. Collaboration on files via email threads starts to become messy, and versions of the same file multiply. All these pain points push the business to deploy a central place – a file server – where employees can securely store, access, collaborate and work on files. File server solutions are various, but they usually take one of two basic forms: 1. Businesses subscribe to a cloud business storage account via OneDrive, Dropbox, Google Drive or another similar platform. 2. Businesses provision an on-premises file server. Both of these options come with their own level of risk and security considerations, but the transformative effect they have is to push businesses toward a server-endpoint infrastructure – the beginnings of a true corporate network. Business security solutions start to play a larger role in this new kind of setup because, unlike consumer software, business solutions view individual employee devices as endpoints in a network – all interconnected through one or more servers. Servers, along with endpoints, need protection, and the new IT setup – offering shared resources hosted and accessed from centralized servers – demands extra security. Now the benefits of business-grade solutions start to kick in and unlock the door to Tier 2 security features. In the next article, I will explore the Tier 2 remote management tools unlocked by business endpoint and file server security solutions.