According recent studies, 78% of businesses allow non-IT managed devices to access their corporate resources. This figure is likely to get larger as 83% of firms said they expect to support Apple iOS, while 77% anticipate supporting Android-enabled devices.
Each device has its own security vulnerabilities as well as less developed security application – Most don’t even have antivirus or antispyware protection on the devices themselves. So as you can imagine, mobile devices are a hackers dream target.
According to a report by Kaspersky, there has been a 400% increase in Android malware attacks in 1 year.
To take advantage of the productivity offered by web-enabled smartphone and endpoint devices (laptops & tablets), it is important that businesses have appropriate policies and procedures that protect your business while still enabling staff to use the devices that best fit their needs and improve their productivity.
Best Practices for Endpoint Security Solutions
There are a number of established best practices for Endpoint Security Management like Webroot Endpoint Protection suite of products, and among these are:
- Require employees to sign IT usage policies that applies to all endpoint devices including those owned by the business as well as their own equipment. Policies and Usage statements should explicitly state the security and support that IT will provide, so that they are only responsible for those apps and services that IT delivers and approves and protects the businesses systems.
- Use edge protection to route all network request such as email and server access to block security threats before they even hit the endpoint and can do damage.
- Allow workers to only have access to the different areas of the network they need to do their job. i.e. a Financial Controller may need access to corporate financial information, but your sales executive doesn’t.
- Ensure all Corporate Data is deleted from the endpoint device in the event they are lost or stolen or if the employee leaves the business. A Juniper Networks study found that 1 in 20 mobile devices are lost or stolen.
- Provide centralised access to applications to ensure they are protected with the latest security protections
- Educate staff on the latest threats and that the need for security is everyones responsibility and not just that of IT. Staff should be alerted to the latest social engineering techniques including social engineering attacks, financial institution phishing scams and of course the Nigerian Prince that wants to give you a million dollars if you can help him claim his inheritance.
By using these best practices, a business can start ensuring it protects its valuable data and end users are enabled with better flexibility and productivity tools.