The Millennial generation is now the largest cohort in the working population, and most of them are digital natives—they’ve never known a world without laptops, mobile devices, and telecommuting options.
A recent BI Intelligence report claims that in five years, mobile workers will make up 72% of the total US workforce. In 2013, Gartner predicted that by next year, half of global enterprises will require employees to bring their own devices.
As this trend continues, CSOs and CISOs face significant challenges as mobile workers roam around with their laptops in the land of a thousand unsecured Wi-Fi connections, wondering when malware, ransomware, or social engineering fraudsters may strike. The trick is to balance security with the many benefits of innovation, collaboration, and productivity without depriving our workforce of the wide-ranging benefits of mobility.
The traditional boundaries between workplace and every other place simply don’t exist for them—they work, play, communicate and multitask from their personal devices at all hours, using their preferred apps and cloud services to get it all done.
Clearly, we’ve moved (or been pushed) well beyond the debate over allowing BYOD, or the cultural implications of an increasingly mobile workforce, and are now addressing the resulting challenges. This is reflected in the rapid growth of the EMM market, which 451 Research predicts will surge to $9.6 billion worldwide by 2018. The prevalence, potency, and sophistication of global cybercrime show no signs of abating, and the threat surface increases as homeworking and mobility become more widespread. It’s important for companies and IT leaders to examine and fully comprehend the implications of the significant cultural and technological shifts that brought us here. Security solutions that don’t match the way we now work, live, and communicate will fail.
More options lead to more vulnerability
Mobile endpoint management is important for every organization, not just large global enterprises. The growing popularity of telecommuting (a quarter of employed workers), the mushrooming adoption of cloud infrastructure and services, and the ubiquity of mobile devices, apps, and wi-fi connections together create an unstoppable force that continually reshapes how we do business.
Myriad opportunities for creativity, flexibility, and efficiency have been enabled by the digitization of everything, but vulnerabilities and security gaps have proliferated apace. Easy, affordable access to mobile devices, cloud services, and apps means more to patch, configure, and monitor. Virtualization and mobility blur the network perimeter, undermining traditional security approaches. Social engineering schemes subvert security solutions by weaponizing human gullibility. Likewise, human error and poor cyber hygiene makes relying on password protection akin to gambling.
Data fuels and is generated by nearly every business process, creating huge, lucrative targets for hackers. Massive, damaging data breaches have prompted an increase in regulation, and the current focus on compliance has shifted attention away from other vulnerabilities. Ransomware attacks are on the rise (see Cisco’s midyear report for critical updates), with criminals finding ways to maximize pain and profit, including creative uses of spear phishing, blackmail, DDoS, malware delivery mechanisms, and highly sensitive targets. The cybercriminals’ focus on data exploits makes it all the more imperative to protect corporate data assets—inside the network, on mobile devices, and everywhere in between.
Securing a moving, multiplying digital workforce
To address the complex of vulnerabilities introduced by mobile endpoints and mobile data, increased visibility is paramount. We need to know how many laptops there are, where they are, what’s running on them, and how they are configured and secured. They have to be monitored for unauthorized or vulnerable applications, security agent validation, and indicators of compromise. In other words, we have to (once again) get back to basic security practices, but at the scale and complexity of distributed endpoints—in other words, protecting highly exposed, moving targets. Without a comprehensive yet unobtrusive mobile workforce solution, even the most fundamental security measures are nearly impossible to validate and enforce.
To mitigate and prevent damage from cyber attacks and human error, we have to enable visibility before, during, and after an attack. Agentless solutions represent an important advance in endpoint management; being able to inventory, scan, and remediate every device on the network without installing agents on each machine has made essential security functions, including patching and monitoring, much more accessible for all types of businesses. However, as the bright lines between on-premise and cloud, internal and external networks, work and personal devices continue to blur, we need a solution that goes with our mobile workers, however unpredictable and risky their digital journey may be.
Hybrid solutions that rely on a complementary combination of agentless capabilities and agent-based control features are the best match for the challenges of the mobile workforce. The information continuously collected from agentless inspection engines and deployed agents can be combined into a single holistic view of risk, vulnerability, and compliance. The scheduling of predefined inspections—including CVE scans and assessments, unauthorized app discovery, Windows patch validation, and agent validation—can be customized to the desired frequency and timing. User-defined inspections allow companies to check endpoints for risks particular to their business or compliance program. The latest patches for high-risk apps like web browsers and plug-ins can be automatically deployed, markedly limiting attackers’ window of opportunity to exploit known vulnerabilities.
For IT teams on the moving battleground of network and data security, the heightened situational awareness provided by a hybrid endpoint management solution is indispensable. Instead of rushing to put out raging fires, they can instantly survey the integrity of the IT landscape, proactively identify and close gaps, and continually enforce security policy. Being able to do all this without disrupting the productivity or flexibility of mobile workers helps maintain a healthy balance between opportunity and risk, a central challenge for every modern enterprise.
About the Author
With more than 30 years of successful entrepreneurial leadership and management experience, Dan Ross is responsible for strategic direction and day-to-day global management at Promisec. Promisec is a pioneer in endpoint visibility and remediation, empowering organizations to avoid threats and disarm attacks that can lead to unwanted headlines and penalties. Its technology assures users that their endpoints are secure, audits are clean, regulations are met, and vulnerabilities are addressed proactively.