Let me first define an End-point device. End-point devices are any computational devices you might use in your daily digital life including PCs, MACs, Servers, Tablets and Phones. Even, music players are considered end-point devices.
Now, with the widespread adoption of Bring-Your-Own-Device (BYOD) models and cloud apps, I have heard the following statements countless times from Tech Savvy (and Un-savvy) business users:
“I don’t need data backup, anti-virus or for that matter any type of end-point monitoring services, since all my data and applications are in the cloud. I store everything important in the cloud and my PC is nothing more than a thin client or a dumb terminal. I use my tablet more than my PC now. By cancelling these services, I can save thousands of dollars per year which I can re-direct to my social media marketing budget, right…?!”
WRONG!!! Furthermore, let me stipulate that as a business user not only do you need basic end-point services like data backup, anti-virus, anti-malware etc. but also a smart monitoring system to track the use of these services as well as all your devices (including tablets and phones), apps and networks, without exception.
Here are 4 reasons why:
1. Weakest Link
In the fight against cyber hackers, an end-to-end security strategy is the best defense. End points and local networks are most often the weakest link in such a plan. There are several documented incidents, wherein hackers have gained access to end point devices through unsecured apps or even just unsecured USB ports on a laptop. Have you heard of the DropSmack? For those of you who have not heard of this malware, Dropsmack is a widely documented service that exploits vulnerabilities in the popular dropbox file sharing app. This is an important fact to consider, especially when many feel a false sense of security with apps and data in the cloud. Well, with Dropsmack hackers were able to steal information stored in the infected machine’s dropbox folder. In another instance, hackers gained access to PCs using something as simple as the USB thumb drive. By connecting an infected thumb drive to a USB port on a laptop, hackers were able to inject malware into the end-point device. The malware decoded key strokes and together with information such as frequently visited websites, allowed hackers to quickly gain control of cloud accounts. So, think again!
2. Any data is a treasure trove of information
It’s a common fallacy that if your data is stored in the cloud, your end-point devices don’t have any data worth stealing. Let me dispel this thought with a simple question. Many of us use email programs like Outlook, right? Have you ever wondered, how you are able to access emails on your laptop even when you don’t have internet access? You guessed it. Your device keeps a local copy of the cloud data. Many applications share a similar feature and therefore access to the end point allows access to the cached data. And, this does not include any documents that might be storing locally because you deem them to not be important. In a hacker’s mind, there is NO such thing as bad data!
3. Regulation demands it (SEC/FINRA, HIPAA…)
It’s no wonder that regulatory bodies have a very simple philosophy when it comes to cyber-security examinations. For instance, in the case of SEC/FINRA audits, a specific directive states that the examiner may ask for a financial firm to produce the end-to-end data flow as well as access pattern of information including the identification of all networks and devices in the chain. Once this data is gathered, an attempt to identify the most vulnerable devices and networks is made. So whether you are using a cloud desktop, a physical desktop or just a mobile app, regulators want to see a comprehensive security plan for the end point device, the network as well as the application. And, just to re-iterate Cloud Desktops or Terminal Services are NOT exempt!
4. NO substitute for smart and automated end-point and network monitoring
Don’t plan on redeploying your IT budgets to marketing, just yet. Investing in tools to help identify end-point and network vulnerabilities is a good thing. Furthermore, signing up for a service to maintain a constant state of vigilance is the best thing you can do as a business user. Remember, hackers don’t sleep and you cannot compete against persistent attacks by taking a Point-in-Time (PIT) approach. Remember, the potential losses in case of a breach event could be staggering compared to the pro-active investment upfront. There is NO substitute for end-point and user behavioral analysis. Just imagine, wouldn’t it be great to have a credit card fraud detection service applied to end-point and network monitoring? Peace of mind and a state of elevated security is PRICELESS. Ahem…luckily there is a service that does precisely this – Unify, powered by Entreda.