Rising Mobile Malware Attacks Call for Better Endpoint Security
Early this year, the Ponemon Institute and Lumension surveyed IT professionals for their report, 2015 State of the Endpoint Report: User-Centric Risk. In it, 75 percent of respondents reported that mobile endpoints in their organizations have been targeted by malware over the past year.
In 2014, Gartner predicted that the target of endpoint breaches would shift from desktop devices to mobile devices, like tablets and smartphones, a reflection of the growing bring your own device (BYOD) trend in workplaces everywhere.
According to Webopedia, endpoint security refers to the methodology of protecting corporate networks when accessed from remote devices, like mobile devices or laptops. Each device creates a potential entry point for security threats to a company’s network.
Ponemon’s survey of a fairly even distribution of IT technicians, managers, supervisors and directors reporting to Chief Information Officers (CIOs) has shown that endpoint security has now become a primary aspect of organizations’ overall IT security strategy.
More Devices, Cloud Apps & Remote Access
The most problematic use case involved negligent employees using multiple devices (68 percent) and cloud apps (73 percent) to work remotely (63 percent). Connecting to networks remotely with cloud or web-based applications can be cause for concern, as these connections typically rely on a single password for user access.
Increase in Zero-Days & Phishing Attacks
And those passwords can be easily stolen with social engineering or circumvented, as statistics from the report show: the types of attacks that have seen the biggest increase include zero-days (a 13 percent increase from last year) and spear phishing (a 7 percent increase).
There was also a decrease in botnet attacks and spyware, suggesting that attackers have realized that phishing emails and zero-days are more effective and provide a faster time-to-breach than other types of attacks.
Plus, phishing is so low-tech that it takes much less time and effort to craft a convincing email and spin up a spoofed page to collect stolen passwords. And it’s almost guaranteed to work, preying on the lowered defenses of a busy user who puts trust in what appears to be a credible sender or website.
A legit password gives attackers the ability to log in and conduct activity as a legitimate user, which can veil them from detection by security software for long enough to make off with tons of data.
Zero-Days Target Adobe, Oracle and Cloud Apps
As for zero-days, they often target certain types of applications and older versions of software. According to the report, 62 percent of respondents attribute increased endpoint malware risk to Adobe (Acrobat, Flash Player and Reader). Another 54 percent attribute risks to Oracle Java JRE, and 46 percent to cloud-based productivity apps (WinZip, VLC, VMware and VNC).
Another 80 percent of respondents stated that mobile devices like smartphones, including iPhones, iPads, Android and BlackBerry, are the greatest concern when it comes to introducing potential security risks in the IT environment. Third-party apps also introduce more risk to IT environments, at 69 percent.
Mitigate Risks With More Governance & Control
How can companies stop these attacks and reduce risk? Half of respondents believe that attacks could be mitigated with greater governance and control processes, including enforcement of endpoint security policies and training and awareness for employees.
More control over endpoint devices is possible only with complete insight into your IT environment and the devices used to remotely access your company’s network. When vetting endpoint security tools and technology, ensure that you can get a complete look into your devices, software, plugins, browsers, OS versions and other device data.
A good endpoint security solution will also help you analyze which devices may be running out-of-date or high-risk applications, like Java or Flash, giving you the information and alerts necessary to isolate the devices and ask your users to update. From this data, you should also be able to create custom policies and controls using your endpoint security solution, allowing you to dictate who can access which apps.
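The kind of check described above, as an added example (not from the report or from any vendor's product): it flags devices in an inventory that report out-of-date or unreadable Java, Flash or OS versions, then decides access per app. The minimum versions, app names and device records are all constructed for illustration.

```python
# Added example: device-posture check over a constructed inventory.
# MIN_VERSIONS, APP_POLICY and INVENTORY are hypothetical sample data.
import re

# Oldest plugin/OS versions the policy tolerates (constructed values).
MIN_VERSIONS = {"java": "8.0.60", "flash": "18.0.0.232", "os": "10.10.5"}

# Which components must be current for each protected app (hypothetical apps).
APP_POLICY = {
    "payroll": {"require_current": ["os", "java", "flash"]},
    "wiki": {"require_current": ["os"]},
}

INVENTORY = [  # constructed device reports
    {"user": "alice", "device": "laptop-01", "os": "10.10.5", "java": "8.0.60", "flash": "18.0.0.232"},
    {"user": "bob", "device": "laptop-02", "os": "10.10.5", "java": "7.0.79", "flash": None},
    {"user": "carol", "device": "phone-07", "os": "unknown"},
]


def parse_version(text):
    """Return a tuple of ints, or None if the version cannot be read."""
    if not text or not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def outdated(device):
    """List software on a device that is below the minimum or unreadable."""
    findings = []
    for name, minimum in MIN_VERSIONS.items():
        reported = device.get(name)
        if reported is None and name != "os":
            continue  # plugin not installed, so there is nothing to update
        version = parse_version(reported)
        # Fail closed: an unreadable version is treated as out of date.
        if version is None or version < parse_version(minimum):
            findings.append(name)
    return findings


def decide(device, app):
    """Allow access only if every component the app requires is current."""
    blocking = [n for n in outdated(device) if n in APP_POLICY[app]["require_current"]]
    return ("deny", blocking) if blocking else ("allow", [])


def report():
    return {(d["device"], app): decide(d, app) for d in INVENTORY for app in APP_POLICY}
```

The deny result carries the list of blocking components, which is the information needed to ask the user to update before access is restored.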
Greater governance and control over devices and data that are quickly outpacing security can be made easier with newer security solutions that are constantly updated to keep up.