Software

Are your apps making your business vulnerable?

Appsidents will happen.

When you allow a device onto your business network, it’s not just the device you allow. Every device has apps or software that run the processes you need to work.  But these self-same apps can bring security issues with them.

Because each app needs to connect back to a remote server in order to run patches and updates, every app is a potential method of attack.  Either the connection it uses, which will be allowed past your security firewall, can be used, or the program itself, with hackers injecting their own code into the app which then gets transferred to your device upon update. 

And it’s a big problem.

Reports suggest more than 30% of companies have suffered security breaches due to poor app security., with even big name companies like WhatsApp, Facebook and Under Armour being implicated.

But we need our business apps to work. So let’s take a look at some of the solutions available to beef up the app security in your business.

Introducing Endpoint Protection

Endpoint Protection, or Endpoint Security. is a means to bring visibility, security and control over every device, or endpoint, on your network. Endpoint Protection isn’t a single solution, but more a collection of features that together will allow your business to properly manage the devices on your network, rather than leaving device security to chance.

The main features that any Endpoint Protectin solution should feature includes:

Centralised Management.

One of the goals of Endpoint Protection is to move from leaving some elements of device security and management to the device user, and instead to apply control centrally as a business. 

This control is usually applied by the creation of policies which are then applied based on either the device or the user. For instance, business-issued tablets might be locked down to use business-related apps only, or users not in the finance department be prevented from accessing finance data and apps.

Centralised Management also includes alerting and reporting.  The IT staff managing your Endpoint Protection will need to be alerted when significant actions take place, such as a new device being registered, or a suspicious file being detected.  Meanwhile, IT and business managers will want regular reporting on device activity to ensure that the business risk posed by both devices and users is being properly managed.

Patch management.

Keeping business apps patched with the latest updates is critical to business security. Unfortunately, with such a rapidly changing threat environment, patches are being released very frequently, making it very difficult to keep up through manual patching. Also, patch application needs to be properly managed.  Some patches can cause programs to misbehave, which you’d prefer to know before apply the patch to all devices, also some patches will require devices to be rebooted to be effective, which can be inconvenient.

A patch management service will help you by:

• Allowing patches to applied centrally and across all devices
• Scheduling patches to be applied outside core work hours.
• Triaging and testing patches before application
• Enabling single-click roll back in case patches do cause issues.
• Prioritise patches based on security urgency.
• Allow you to view your whole device estate, their specification, software and patch status, at a glance.

Centralised Management.

One of the goals of Endpoint Protection is to move from leaving some elements of device security and management to the device user, and instead to apply control centrally as a business. 

This control is usually applied by the creation of policies which are then applied based on either the device or the user. For instance, business-issued tablets might be locked down to use business-related apps only, or users not in the finance department be prevented from accessing finance data and apps.

Centralised Management also includes alerting and reporting.  The IT staff managing your Endpoint Protection will need to be alerted when significant actions take place, such as a new device being registered, or a suspicious file being detected.  Meanwhile, IT and business managers will want regular reporting on device activity to ensure that the business risk posed by both devices and users is being properly managed.

Patching and the  NHS hack.

In May 2017 the NHS was hit by the largest cyber attack ever to hit the UK, which has been estimated to have cost the NHS, and with it the UK taxpayer, close to £92 million.

The NHS wasn’t a specific target of the attack, but became a victim because it had failed to properly patch devices quickly enough.

Before the attack hit Microsoft had released a patch that would have prevented the attack, and the NHS trusts that did apply the patches avoided becoming victims. Some devices were even found to still be using Windows XP operating system which was out-of-support by the time of the attack (meaning no new patches would be developed).

This lack of a cohesive approach to something as simple as keeping software up to date has cost them dearly. The Government’s own report has estimated the cost of the attack to be £92,000,000.

I now understand…

• What patching is.
• What can happen if patches aren’t properly applied
• What patch management is and how it helps make my business more secure.