Avoiding the risks of vulnerable endpoints

May 29, 2019By C8 ConsultingInsights

C8 organised and hosted a podcast with IT experts to discuss the risks associated with endpoint devices, how these can be minimised and the benefits of deploying a security-focused operating system.

When it comes to securing IT infrastructure, PCs are a challenge for IT security teams. Whether an organisation is running MacOS, Linux or Windows, they will change the type of PC they use to suit their needs. Adding applications and storing data, as well as accessing unsafe websites and receiving emails (on occasion with questionable attachments) means computers (irrespective of operating system) are unique and often unpredictable. Therefore, desktop devices may be compromised at several points.

Minimising endpoint risk

So, what precaution can you put in place to protect against and reduce such risks?

C8 Consulting- Endpoint devicesBecrypt has been working with C8 Consulting for several months and, as part of their PR outreach, C8 recently organised and hosted a podcast with IT Industry Analyst Bob Tarzey, and Bernard Parsons, CEO of Becrypt, a trusted provider of endpoint cybersecurity software solutions. During the podcast Bernard and Bob spoke about the risks associated with endpoint devices, how these can be minimised and the benefits of deploying a security-focused operating system. Below are some of the points they covered:

Why endpoints are a weak point in the IT infrastructure

To provide some background, an endpoint device is any internet-capable computer hardware device that runs on a network. They pose a risk to organisations because up to 45% of corporate data is held on these endpoint devices. Understandably, organisations want to reduce the risk of that data being compromised by cyber attacks.

The amount of software that sits on a typical endpoint device, such as a desktop, means there are numerous vulnerabilities. However, organisations struggle to test

the security of all endpoint devices under their management in a timely way. This creates a window of opportunity for cyber threat actors (groups of individuals who gain unauthorised access to information systems to maliciously affect victim’s data, devices, systems or networks) to exploit these devices.

Aside from the innate vulnerabilities of the endpoint devices themselves, one of the main challenges facing organisations is that the employees who use them also constitute a weak point. No matter how much an organisation trains their employees to understand the dangers and characteristics of phishing – namely the practice of sending fraudulent communications that appear to come from a reputable source – there’s always someone who, due to haste or inexperience, will click that link and unwittingly allow attackers into the network.

Benefits of security-focused operating systems

 To tackle these security challenges, organisations look at adopting security-focused operating systems. Below are the three main benefits this kind of operating system can bring:

  1. Detect: This kind of operating system is able to positively identify an endpoint device. This reduces the risk of attack from a cyber threat actor because no unknown devices will be granted access to the organisation’s data. This stops the threat in the first place.
  2. Manage: If implemented correctly, the adoption of operating system security should reduce cost or management overheads for an organisation. This is because the cost of an attack is far greater than implementing an operating system in the long run.
  3. Defend: The security-focused operating system will ultimately defend an organisation’s device, so they are not vulnerable to attacks.

 Why Becrypt developed its security-focused operating system

C8 Consulting- Endpoint security

Becrypt worked with the National Cyber Security Centre (NCSC), who were looking to set up an environment which allowed organisations to share infrastructure. To do that they needed secure endpoints, so all departments were working from the same security position. Moreover, they also needed the ability to identify devices across the NCSC. Becrypt built a security-focused operating system for cloud and online applications, called Paradox.

With Paradox, Becrypt is able to understand the security status of any device and be able to identify who is using it and what access rights it has, every time it starts up. The window of opportunity for attackers exists from the moment a vulnerability is made public to the time that an organisation applies the patch that fixes the vulnerability on its device. With Paradox understanding the security status of devices, they are not susceptible to these common attacks.

Becrypt also developed an ‘end-user device-as-a-service’ platform, Paradox Edge, which allows businesses to outsource the complexity of hosting third-party client applications on user devices. Paradox Edge offers secure and scalable infrastructures for end-user devices which reduces the devices’ software complexity to make it more secure.

How you ensure trust in the operating system environment

User identity is an important and necessary part of any secure computer environment, especially when trust needs to be established across multiple devices when they are remotely linked. Operating systems need to be configurable so they can support different types of authentication, to ensure that they work with their customers or enable the customer themselves to configure the operating system to meet their existing authentication requirements.

Endpoint devices will always pose a risk to an organisation’s security, but deploying a robust, security-focused operating system will reduce that risk, cut management costs and give organisations peace of mind.

Why C8

As a disruptive-tech PR agency, C8 are well positioned to tell your story – locally, nationally and globally. We create headline stores that resonate global publications and understand that we operate in a multi-channel world. Discover more about our services and get in touch to find out how we can work together.

To listen to the full podcast please follow the link.