Ransomware is usually associated with home users but, by its very nature, it is not selective. There has been a definite shift in the market to include endpoints in the defensive armoury of your business. The challenge here is to make a choice from the wealth of vendors that are now entering this market. We have seen the major perimeter vendors adding endpoint technologies to their “platform”. But what do we mean by endpoint now? 

Only a few years ago this was clear. An endpoint was a laptop, but now it is more than likely to be a tablet or mobile, and no longer dominated by Microsoft. The risks are now clear and, while the perimeter defences have been the focus of many organisations, the endpoints along with applications are seen as the potential entry point for cyber-criminals. The challenge to any organisation when they include (and they should) endpoints in their defences – is scale. 

Operational hygiene is essential when dealing with endpoints, so how do you ensure that all your endpoints are patched and up to date and how do you know what is connected to your network? The tipping point has been reached and simply relying on traditional endpoint security is no longer acceptable. Organisations need to take a closer look at how they manage and secure their endpoints and how to control devices connecting to their network. 

There are numerous choices in the market but here are some basic guidelines:

  • Look at the new toolset for operations to manage your endpoints.
  • Determine the approach your organisation can manage effectively - detect and respond or block and protect
  • Manage who and what can connect to your network including IoT and mobiles
  • Finally, for some time now we have recommended doing the basics and education for all your employees.

Ransomware is highlighting the increased attack surface of the endpoint but this is the public face of the cyber criminal and as we are all too aware that this is just the tip of the iceberg.