Endpoint security is no longer just about the desktop or laptop.
So said Craig Hockley, regional director for SA and sub-Saharan Africa at McAfee, in an interview with ITWeb yesterday.
According to Hockley, more and more people are bringing mobile devices into the workplace to access corporate networks, which is putting additional pressure on endpoint security.
"Mobility is driving organisations to seek more ways of better protecting themselves. We have the internal staff wanting to access external applications, cloud-based applications, Twitter, Facebook, Dropbox, etc," he said.
"The challenge is what kind of information is being put on these applications? How well are these external Web sites managing and controlling that information? Organisations that choose to use social media and mobile devices should continue to do so, but they should make sure they put in place the intelligent solutions to mitigate risks."
He pointed out that how individuals protect these devices from malicious attacks has changed the endpoint security threat landscape.
Cloud is another big driver, said Hockley. "Organisations are putting their critical applications into servers hosted in the cloud. Organisations should make sure that the cloud service providers they are using for this are well protected because these service providers are being attacked more and more; some of them are putting up cloud-based applications quickly and they don't understand the security implications."
Hockley also noted that the amount of malware that is being produced every day has grown more than 10-fold in the past three years. "In our recent report, the cumulative number of unique malware samples in the collection still exceeds the 75 million mark in a year. This means the traditional anti-virus protection is not enough anymore. Organisations have to move to different levels of protection now."
He revealed that endpoint security has been exacerbated by new types of attacks, such as rootkit attacks, which McAfee says represent the latest escalation in the decades-long battle between malware developers and security researchers.
According to Hockley, typically, there are two kinds of end-users - home users and business users. He believes those in organisations are generally protected, as most organisations are advancing their security postures at the moment.
"However, organisations should look at security more holistically and should not just tick the boxes for corporate governance requirements; they must understand what core assets need to be protected and understand the implications of something happening to those assets.
"Home users, on the other hand, are more vulnerable. Parents should know what their children are doing on the Internet, to prevent them from visiting malicious Web sites."
To protect endpoints, Hockley suggested that organisations deploy either blacklisting or whitelisting software. Blacklisting, also referred to as anti-virus, is a traditional security approach that blocks, and often eradicates, malicious code or data containing a known or suspicious character string documented in a regularly updated malware signature file, he explained.
Whitelisting maintains a carefully controlled list of permitted, trusted code, which is allowed to execute, while unknown or unauthorised software is prevented from running, he concluded.
Share