IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.
Sponsor Content
What does this mean?

A Plan for Protecting Endpoints and Fortifying Cybersecurity

Cybersecurity
Shutterstock

In today’s challenging threat environment, government agencies must have a holistic, multifaceted security strategy to increase their cyber resilience.

Many state and local governments have embraced hybrid and remote work, creating a distributed environment with seemingly countless endpoints. Personal computers, laptops and other end-user devices are crucial for boosting employee productivity and enabling resilience, but they also increase agencies’ security exposure. To better protect their organizations, agencies must not only deeply integrate security into their software environment as they transition to the cloud, but also build security into hardware and firmware to reduce their risks.

“We’re seeing exploits happen in the most innocuous ways,” says Stephen Pieraldi, distinguished technologist at HP.

Agencies must develop a modern endpoint strategy to safeguard their data, increase their resilience and defend the enterprise.

SECURITY CHALLENGES IN DISTRIBUTED ENDPOINT ENVIRONMENTS

Agencies today face a wide range of security challenges. The traditional castle-and-moat approach to cybersecurity is no longer enough — especially as ransomware, malware and credential theft become ever-growing threats.

“We have a new threat landscape where social engineering and targeting individuals have become the flavor of the day,” Pieraldi says. “There’s a lot of money to be made not just from ransomware, but from a whole host of ways that criminal enterprises are leveraging technology to make these extractions.”

Legacy security processes also increase agencies’ exposure. Patching and vulnerability management — and overall security governance — is often a point of weakness due to resource, staffing and technology constraints.

Agencies should forcefully confront these challenges. They must advance their security maturity with automation, artificial intelligence (AI) and machine learning (ML) that contextualize threat intelligence and facilitate real-time, dynamic threat prevention and response. Developing a modern endpoint security strategy is the best way to harness these capabilities for better defenses.

BEST PRACTICES FOR BUILDING A MODERN SECURITY STRATEGY

As distributed work and computing environments become the norm for government organizations, they can take several steps to fortify their security apparatus, including:

Establish a diversified, multilayered security strategy.
A staggered approach to defense allows agencies to cycle different security solutions to keep hackers on their toes.

Build more robust endpoint security.
A good endpoint strategy starts by addressing the organization’s immediate security weaknesses. Agencies may want to take an operational view of security that focuses on the needs of C-suite users, where security lapses can pose the greatest risks. Securing these endpoints first is fundamental.

Thoroughly vet solutions and providers.
Agencies can assess providers by asking pointed questions about their security practices, such as whether they only store customer data in the cloud. Agencies can also use the NIST Cybersecurity Framework or other industry standard frameworks to evaluate vendor security.

Focus on processes and technology.
Agencies should employ secondary checks and balances rather than relying on technology alone to improve endpoint security. They should continually update their security governance processes and procedures to complement endpoint detection solutions.

COLLABORATING WITH A STRATEGIC TECHNOLOGY PARTNER

To further improve endpoint security, agencies can collaborate with a strategic technology partner who offers solutions that are built to evolve with the threat landscape.

Agencies should look for a partner that provides advanced printer security capabilities. This should include forms of isolation and protection that don’t impede user productivity, Pieraldi says. The vendor’s solution should incorporate isolation at both the browser and virtual machine level, focusing on instances and user transactions. Secure lock print is another capability that can advance protection in agencies’ IT environments.

Firmware security controls that incorporate memory protection are also critical.

“We used to write off firmware attacks, thinking that you have to be in possession of the physical equipment, and from there do all these magical things that are a rarefied knowledge,” Pieraldi says. “But look at where we are today. Firmware exploits are happening remotely now by a user clicking on a downloadable package and having that package somehow attack the firmware.”

Agencies must prioritize vendors that offer built-in, automated zero-trust capabilities within their solutions and who practice effective supply chain management. Don’t only be concerned about the security posture of your technology provider. Remember that every other vendor within a company’s supply chain represents a potential risk. Providers who implement comprehensive supply chain controls can significantly mitigate these risks.

LAYING THE FOUNDATION FOR STRONGER PROTECTION

With a modern endpoint strategy that encompasses software, hardware and firmware, state and local agencies can better protect their IT environment, become more resilient and make it much more challenging for cyber criminals to infiltrate their systems.

“We can’t keep training our users to become our detection devices. Users have to do their work. They have to remain productive, and they have to do it wherever they are,” Pieraldi says. “It’s a new landscape.”

This article is excerpted from the new Government Technology thought leadership paper, “Reducing Risks at the Endpoint: A Plan for Fortifying Cybersecurity.” Click here to download the full paper.