
Military developing sound endpoint management strategies to deal with rising cyber-attacks and data breaches, and increasingly mobile workforce

With the rise of cyber-attacks and data breaches, and today’s increasingly mobile workforce, securely managing data and endpoints without inhibiting employee productivity has become critical to organizations, including the military. Many devices, including smartphones, tablets and laptops, now have network access capabilities; however, these devices also provide an entry point for threats. They can expose organizations to a vast array of security threats and make corporate IT security considerably more complex.


US service members will no longer be able to purchase ZTE and Huawei phones on military bases, according to a new Defence Department directive that cites security risks posed by the devices. “Huawei and ZTE devices may pose an unacceptable risk to Department’s personnel, information and mission,” Pentagon spokesman Major Dave Eastburn said in a statement. “In light of this information, it was not prudent for the Department’s exchanges to continue selling them to DoD personnel.” Mobile Internet modems and other wireless products are also included in the ban.


The decision is the latest move by the Trump administration to limit the influence of Chinese wireless equipment manufacturers, stemming from fears that a more dominant Chinese tech presence could make it easier for Beijing to hack or spy on American businesses and military personnel.


Mobile malware attacks rose to 42.7 million incidents in 2017, up from 40 million in 2016. The risks are especially high for the public sector. The security website DarkReading reports that government ranks second for the highest number of mobile malware attacks, behind only the financial services industry.


Endpoint security is the process of securing the various endpoints on a network, often defined as end-user devices such as mobile devices, laptops, and desktop PCs, although servers in a data center are also considered endpoints. Endpoint security supplements centralized security measures with additional protection at the point of entry for many attacks as well as the point of egress for sensitive data.


“While security continues to be a top concern for enterprise IT, most organizations are focusing most of their efforts on perimeter security including firewalls and intrusion detection. However, as employee mobility has increased and the number of mobile devices in use has exploded, an increasing number of breaches are occurring at the device level. IDC believes that a unified policy-based approach to data and endpoint security which leverages comprehensive systems management capabilities for all connected devices is the best way to achieve security and compliance end-to-end,” said Matt Eastwood, SVP, Enterprise Infrastructure and Datacenter, IDC.


Protecting untethered devices is more costly and complicated than ever, as government data flows between everything from laptops, smartphones and tablets to newer endpoints like wearables and IoT sensors on tanks, aircraft and other operations equipment. “In today’s cyber environment, the U.S. Army needs near real-time visibility and control of its endpoints to thwart adversary attacks,” said Daniel Bradford, deputy to the commander and senior technical director of NETCOM.

Endpoint security management

The main goal of a sound endpoint management strategy should be that network activities are carefully monitored and unauthorized devices cannot access the network. Endpoint management solutions identify and control any device that requires access to the corporate network.


Most endpoint management software is likely to check that the device has an approved operating system and antivirus software, and to examine the device for up-to-date virtual private network (VPN) software.


Endpoint management systems can work on a client-server basis, where software is deployed and centrally managed on a server. The client program needs to be installed on all endpoint devices that are authorized to access the network. It is also possible to use a software as a service (SaaS) model of endpoint management, where the vendor of the service hosts and maintains the server and the security applications remotely.


When a client device attempts to log in, the server-based application scans the device to see if it complies with the organization’s endpoint management policy, and then validates the credentials of the user before access to the network can be granted.


Any device that does not comply with endpoint management policies is either quarantined or granted limited access. Local administrative rights may be removed and Internet browsing restricted. This is essential to combat attacks from cyber criminals and infiltrations from malicious groups.
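The admission flow described above (posture scan, then credential validation, then full access, limited access or quarantine) can be sketched as follows. This is an added example, not code from any endpoint management product; the policy values, the `Posture` fields and the rule that critical findings quarantine while minor ones grant limited access are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed policy values (assumptions, not taken from a real product).
APPROVED_OS = {("windows", 10), ("windows", 11), ("macos", 14)}
MIN_VPN_VERSION = (5, 1, 0)
MAX_AV_SIGNATURE_AGE_DAYS = 7

@dataclass
class Posture:
    """What the client agent reports to the server at login (hypothetical)."""
    os_name: str
    os_major: int
    av_running: bool
    av_signature_age_days: int
    vpn_version: tuple

def posture_findings(p: Posture) -> list:
    """Return (severity, reason) pairs; an empty list means compliant."""
    findings = []
    if (p.os_name.lower(), p.os_major) not in APPROVED_OS:
        findings.append(("critical", "operating system not approved"))
    if not p.av_running:
        findings.append(("critical", "antivirus not running"))
    elif p.av_signature_age_days > MAX_AV_SIGNATURE_AGE_DAYS:
        findings.append(("minor", "antivirus signatures out of date"))
    if p.vpn_version < MIN_VPN_VERSION:
        findings.append(("minor", "VPN client out of date"))
    return findings

def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Compare a PBKDF2 digest of the password with the stored one."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return hmac.compare_digest(digest, stored)  # constant-time comparison

def admit(p: Posture, password: str, salt: bytes, stored: bytes):
    """Scan posture first, then validate credentials, then decide access."""
    findings = posture_findings(p)
    if any(sev == "critical" for sev, _ in findings):
        return "quarantine", findings   # remediation segment only
    if not verify_password(password, salt, stored):
        return "deny", findings
    return ("limited" if findings else "full"), findings
```

Returning the findings with the decision lets the server log why a device was quarantined and tell the user what to remediate.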

Endpoint encryption and application control are critical components of endpoint security

Endpoint encryption and application control are two key components of an effective endpoint security solution. They are essential layers that prevent issues such as data leaks occurring, intentionally or unintentionally, through the copying or transfer of data to removable media devices. Endpoint encryption fully encrypts enterprise data on endpoints, including laptops and mobile devices, as well as in individual folders, files, and removable storage devices like CDs and USB drives.


Application control prevents the execution of unauthorized applications on endpoints, a core component of comprehensive endpoint security measures. Application control solves the challenge of employees downloading unauthorized or dangerous applications on mobile devices, which could create network vulnerabilities and lead to unauthorized access.


Some simpler forms of security also fall under the endpoint security umbrella by some definitions. For instance, anti-virus software and personal firewalls could be described as simple forms of endpoint security, according to TechTarget. That said, modern endpoint security definitions generally describe more advanced methodologies, encompassing intrusion detection and behavior-blocking elements that identify and block threatening actions and behaviors, either by end users or intruders.


An online survey conducted by CyberScoop and FedScoop, and underwritten by Samsung, provides a new snapshot of what matters most to federal IT and security leaders in securing endpoint devices accessing their networks, and where key gaps remain. Preventing cybersecurity breaches via endpoint devices and improving the time it takes to recover when breaches occur topped the list of mobile security priorities for IT officials over the coming 12-18 months.


The study found that at least 6 in 10 federal IT/security officials have implemented, or are in the process of implementing, various methods for securing endpoint devices, including: multi-factor authentication, single sign-on, securing endpoint devices, identity management, securing mission-critical field devices, role-based security, remote device management, role-driven secure access, and derived credentialing.


Defense / intelligence agencies are outpacing civilian agencies in embracing biometrics and alternative forms of authenticating users to improve endpoint security.


Mobile security approach should align with agency’s overall cybersecurity strategy

Follow a standards-based approach. Look for mobile platforms that adhere to government-wide security standards, such as the Federal Information Processing Standards (FIPS), as published by the National Institute of Standards and Technology (NIST). They certify credentialing, key management and crypto-management capabilities. Platforms should also comply with the National Information Assurance Partnership (NIAP), which oversees evaluations of commercial IT products for use in national security systems.


The best endpoint platforms offer containerization for creating secure zones within mobile devices that clearly separate government and personal data and applications. This enables IT staff to encrypt and closely manage sensitive government assets, without impacting usability.


The endpoint security solution should seamlessly integrate with your overall cybersecurity environment. Choose endpoint platforms that come with thousands of APIs for out-of-the-box “hooks” into existing security systems, such as mobile data management applications, advises Samsung. This is essential for overcoming integration headaches and expenses associated with embedding mobile security within the larger cyber-defense foundation.


US Army awards endpoint security and management services contract

World Wide Technology, Inc. received a $35 million task order to provide endpoint security and management services to the Army’s Network Enterprise Technology Command.


But the $35 million order is just part of a larger WWT contract with Defense Innovation Unit Experimental (DIUx) to provide what it calls “Endpoint Management Solution as a Service” to the entirety of the Defense Department and other federal agencies with a ceiling of $750 million.


In this case, “WWT guided the Army through DIUx’s prototype-to-production process in less than 60 days,” according to a release. “In today’s cyber environment, the U.S. Army needs near real-time visibility and control of its endpoints to thwart adversary attacks,” said Daniel Bradford, deputy to the commander and senior technical director of NETCOM. “DIUx helped NETCOM quickly identify, test, and scale this essential technology to support the size and complexity of Army networks.”


WWT will use Tanium’s endpoint management software to secure the Army’s network of 1.2 million endpoints with speed and scale, the company said. It will “provide the Army with instantaneous and complete visibility to endpoints across their network, which allows for automated detection and remediation of threats in real time,” Bryan Thomas, vice president of federal sales for WWT, said in a release.


“Such an award could have taken several months to complete using a traditional contracting process,” Rick Piña, chief technology adviser of federal for WWT, said in a release. “Working with DIUx and Tanium to expedite a solution that meets the Army’s immediate needs exemplifies WWT’s commitment to provide revolutionary technology products, services and supply chain solutions for our customers around the globe.”










About Rajesh Uppal
