Why You Need To Maintain Continuous Endpoint Visibility – Chuck Leaver

Written by Roark Pollock and presented by Chuck Leaver, Ziften CEO

 

A study recently completed by Gallup found that 43% of employed Americans worked remotely for some of their work time in 2016. Gallup, which has been surveying telecommuting trends in the United States for nearly a decade, continues to see more employees working outside of conventional workplaces, and more of them doing so for more days of the week. And, of course, the number of connected devices that the typical employee uses has increased as well, which helps drive the convenience of, and preference for, working away from the office.

This mobility certainly makes for better employees and, it is hoped, more efficient ones, but the complications these trends create for both systems and security operations teams should not be dismissed. IT systems management, IT asset discovery, and risk detection and response functions all benefit from real-time and historical visibility into user, device, application, and network connection activity. And to be truly effective, endpoint visibility and monitoring should work no matter where the user and device are operating, be it on the network (local), off the network but connected (remote), or disconnected (offline). Current remote working patterns are increasingly leaving security and operations teams blind to possible problems and risks.

The mainstreaming of these trends makes it much harder for IT and security teams to restrict what was previously considered higher-risk user behavior, such as working from a coffee shop. But that ship has sailed, and today systems management and security teams must be able to thoroughly monitor user, device, application, and network activity, detect anomalies and inappropriate actions, and enforce the appropriate action or remediation regardless of whether an endpoint is locally connected, remotely connected, or disconnected.

Furthermore, the fact that many employees now routinely access cloud-based assets and applications, and have backup USB or network attached storage (NAS) drives at home, further amplifies the need for endpoint visibility. Endpoint controls often provide the only record of remotely performed activity that no longer necessarily terminates in the corporate network. Offline activity is the most extreme example of the need for continuous endpoint monitoring. Clearly, network controls and network monitoring are of little use when a device is operating offline. Installing an appropriate endpoint agent is critical to ensure that important system and security data is captured.

As an example of the kinds of offline activity that can be detected, a customer was recently able to track, flag, and report unusual behavior on a corporate laptop. A high-level executive transferred substantial quantities of endpoint data to an unapproved USB stick while the device was offline. Because the endpoint agent was able to collect this behavioral data throughout the offline period, the customer was able to see this unusual action and follow up appropriately. Continuing to monitor the device, applications, and user behavior even when the endpoint was disconnected gave the customer visibility they had never had before.

Does your organization maintain continuous monitoring and visibility when employee endpoints are on an island? If so, how do you achieve this?
