Endpoint security is not dead

By Simon Campbell-Young for Phoenix Distribution
Johannesburg, 23 Sep 2014

Endpoint security software, AV in particular, is getting a bad reputation for being an ineffective security measure, says Simon Campbell-Young, CEO of Phoenix Distribution. Advanced attacks, increasingly sophisticated threats, and trends such as cloud, mobility and the Internet of things are changing the security game and upsetting the balance.

Campbell-Young says in the past, endpoint protection was considered a cure-all. Each machine in the business had endpoint security installed, which regularly updated signatures, patched as necessary, scanned regularly, and users were good to go. "The usual array of threats, viruses, worms, spyware and adware were no longer a worry."

However, the landscape changed when far deadlier threats emerged. "Threats like Stuxnet, which first showed how malware can be weaponised, changed the game. Alongside this, the cyber underworld started to organise itself more effectively, developing stealthier malware, more advanced evasion techniques and zero-day attacks. To counter this, the security community brought out more sophisticated counter measures such as sandboxing, cloud intelligence, file reputation services and dynamic payload analysis," Campbell-Young explains.

He says this heralded a significant shift in the security game, as security vendors frantically began playing 'catch up' with threat actors. "Too often, those that were tasked with protecting their businesses from these new threats were not au fait with more advanced threat techniques, and continued to rely too heavily on traditional endpoint protection."

Unfortunately, this is still the case today at many companies. "The IT department slaps endpoint security on all machines, too often in some minimal configuration, and lets it tick over, updating signatures, running scans and so on. This results in the organisation suffering a breach, and the blame being laid at the product's door."

Campbell-Young says this mindset needs to change. "Technical departments must take proper control of endpoint security and train staff properly on installing, configuring and provisioning it, as a part of the whole security strategy, not as a standalone solution. A proper understanding of what the endpoint security requirements are must be reached, and a plan written to tweak endpoint security to the businesses' needs to mitigate risk, and protect the various endpoint devices."

At the end of the day, he says, a company's users pose the biggest risk to its security. They have access to the most sensitive data, and too often turn a blind eye to security policies, engaging in risky behaviours that they know they shouldn't. They will unthinkingly plug all manner of devices into the corporate network, and download applications without considering the security implications.

"All this sensitive data on your users' endpoints is being targeted by cyber criminals, who will exploit these endpoints to gain a foothold into the company. This adds up to a huge challenge for the technical department, and the only way to address it, is to ensure that good endpoint security is in place."

Phoenix Distribution

Phoenix Distribution is currently the leading value added distributor of software, accessories and peripherals across the African continent, covering software publishing, localisation and product distribution across multiple territories in multiple languages.

The business is segmented into two divisions, namely corporate software licensing and retail product distribution, and Phoenix Distribution dominates the consumer and SMB security sectors through key brands which include: Norton/Symantec, AVG, Kaspersky and Bitdefender. Additional brands within the consumer-focused range include, Microsoft software and peripherals, Beats by Dr Dre, Trendnet Wireless products, Monster Cables and mobile accessories.

The corporate licensing division sells volume licensing into the enterprise and SMB reseller environments, as well as covering architecture and implementation. The ESD division delivers download content into all channels, including B2B and B2C.

The retail division delivers physical product into the retail environment, covering all mainstream ICT, CES, telco, lifestyle, fashion and sports outlets, as well as independents and online stores. This division delivers direct to outlets and or customers across sub-Saharan Africa.

Phoenix Distribution is growing at 70% per annum, with additional acceleration coming from development within the greater African marketplace, as well as the acquisition of significant high-end product lines within the enterprise arena. In addition, the company's UK business, PX Security, is firmly entrenched within the UK retail and SMB reseller environments, shipping product through trusted distribution partners into mainstream retail outlets and direct engagement with B2B resellers. The UK operation publishes and distributes Bitdefender, Webroot and Avast.

Additional bespoke services offered to partners include Electronic Software Distribution within the B2B and B2C environments, category management, training and end-to-end merchandising.

Phoenix Distribution, including the UK subsidiary PX Security, was recently acquired by First Technology Holdings.

For more information, visit www.phoenixsoftware.co.za, www.pxsecurity.co.uk and www.pxsoftware.co.za.

For purchasing information in Africa, visit www.kasperskyafrica.com, www.kasperskyangola.com, www.kasperskybotswana.com, www.kasperskymozambique.com, www.kasperskynamibia.com, www.kasperskysouthafrica.com, www.kasperskydrcongo.com, www.kasperskyzimbabwe.com, www.kasperskyzambia.com, www.antivirusangola.com, www.antivirusbotswana.com, www.antivirusmozambique.com, www.antivirusnamibia.com, www.antivirussouthafrica.com, www.antivirusdrcongo.com, www.antiviruszimbabwe.com, and www.antiviruszambia.com

Editorial contacts

Endpoint security is not dead

Endpoint security software is getting a bad reputation for being an ineffective security measure, says Simon Campbell-Young, CEO of Phoenix Distribution.