Endpoint security is critical. Most successful cyber-attacks happen through the endpoint, with hackers preying on users' inattention or trust to get them to download or open infected files. Effective endpoint security, however, requires knowing which security tools are in use, ensuring they are up to date, and enforcing policies and best practices.
Of course, this is easier said than done, especially for a hard-pushed small to medium-sized business. Often, administrators don't know exactly which antivirus (AV) tools are where, which versions of software are running, or which patches are current or outdated.
Large distributed networks typically have multiple AV tools and run different versions of systems applications, all of which require version-specific updates. Without a consolidated view and centralised management of the network, keeping everything current and patched is almost impossible.
The costliest part of a security breach is data loss, theft and corruption, which can have more impact than a direct financial loss. Lost productivity can cost millions and the theft of an organisation's intellectual property can be devastating. The Ponemon Institute estimates the annual cost of cyber-crime per organisation at $8.9 million. Cyber-crime can also wreck an organisation's reputation – sometimes irreparably – if private data is stolen or exposed.
IT administrators often teeter on the edge of disaster. And while they understand the dangers of unpatched software, administrators may feel helpless in the face of relentless hackers and a complex, demanding patch schedule. Not only do they have to protect their organisations, but also their own jobs and reputation. When a security incident occurs, their heads will be the ones on the line.
So even if a breach occurs, administrators must prove they took the proper steps to protect the network and data – that they followed corporate policies and met regulatory requirements. A big part of that involves timely patching and updating.
The only chance that budget-tight IT departments have at effectively tackling all these challenges is by replacing error-prone, time-consuming manual processes with the automation of endpoint security management for audits and patching. Administrators need to manage these processes from a single dashboard that gives them a comprehensive view of the IT environment.
Instead of resorting to guesswork, administrators have information at hand about which antivirus tools are deployed and on which machines. All endpoints are covered and hard-to-reach remote and mobile computers are also patched and updated regularly. This is key to preventing infections caused by malware that users sometimes unwittingly pick up outside network firewalls.
Centralised management reduces security tasks from days to hours – or even minutes. Scans and deployments can be scheduled off-hours to avoid interrupting users. Through the dashboard, IT teams keep tabs on the health of the network 24/7 with real-time alerts for various conditions, including missed scans, unpatched machines and out-of-date applications.
Alerts for suspicious events at endpoints can be set, giving IT the ability to react immediately by isolating a suspicious machine to prevent an infection from spreading and, if needed, initiate remediation.
Patch management works hand-in-hand with endpoint security to plug security holes that can put an organisation at risk. With simple mouse clicks, administrators can check patch status, deploy updates and enforce patch-compliance policies, all from a central location, keeping the software and security tools at each endpoint up to date.
The system works out of the box to audit patch status and compliance, taking only minutes to get up and running. Automated scans identify missing and out-of-date patches, and determine where new updates are needed. Interoperability issues that create security vulnerabilities can be identified and addressed. Installation of software components is transparent, and can be scheduled to run off-hours on all machines simultaneously, without disturbing users.
To complicate matters, patches sometimes cause problems for users and IT staff, breaking applications and deleting files. To avoid this, administrators can test patches in an isolated environment before implementing them network-wide. Monitoring and alerts ensure that IT knows when patch deployments fail or when something goes wrong during reboots. Customisable reporting capabilities help administrators keep track of patch status and provide proof of compliance.
IT administration isn't easy, especially when you consider the risk posed by cyber-threats that can shut down a network and cause irreparable business damage. By automating and centralising endpoint management for antivirus, security audits, patch status and patch management, the tasks involved in protecting networks become easier and more efficient, improving MSPs' and SMEs' endpoint security and so helping them to fend off cyber-threats.
Contributed by Mike Puglia, chief product officer, Kaseya
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.