Charles Leaver – More Working From Home Now So Constant Visibility Of The Endpoint Is A Must

Written By Roark Pollock And Presented By Charles Leaver Ziften CEO

 

A study recently completed by Gallup found that 43% of employed Americans worked remotely for some of their work time in 2016. Gallup, which has been surveying telecommuting patterns in the United States for almost a decade, continues to see more workers working outside traditional offices, and more of them doing so for a greater number of days each week. The number of connected devices that the typical employee uses has jumped too, which adds to the convenience and appeal of working away from the office.

This mobility certainly makes for happier employees, and one hopes more efficient employees, but the problems these trends pose for both systems and security operations teams should not be overlooked. IT systems management, IT asset discovery, and threat detection and response functions all benefit from real-time and historical visibility into user, device, application, and network connection activity. To be truly effective, endpoint visibility and monitoring should work no matter where the user and device are operating: on the network (local), off the network but connected (remote), or disconnected (offline). Current remote working patterns are increasingly leaving security and operations teams blind to potential problems and threats.

The mainstreaming of these trends makes it even harder for IT and security teams to restrict what was previously considered higher-risk user behavior, such as working from a coffee shop. But that ship has sailed, and today security and systems management teams need to be able to comprehensively track device, network, user, and application activity, detect anomalies and inappropriate actions, and enforce appropriate action or remediation regardless of whether an endpoint is locally connected, remotely connected, or disconnected.

Additionally, the fact that many employees now routinely access cloud-based applications and assets, and have backup USB or network-attached storage (NAS) drives at home, further magnifies the need for endpoint visibility. Endpoint controls often provide the one and only record of remote activity that no longer necessarily terminates in the corporate network. Offline activity is the most extreme example of the need for continuous endpoint monitoring. Clearly, network controls or network monitoring are of little use when a device is operating offline. Installing a suitable endpoint agent is critical to ensure the capture of important security and system data.

As an example of the kinds of offline activity that can be detected, a customer was recently able to monitor, flag, and report unusual behavior on a corporate laptop. A high-level executive moved large amounts of endpoint data to an unapproved USB drive while the device was offline. Because the endpoint agent was able to collect this behavioral data during the offline period, the customer was able to see this unusual action and follow up appropriately. Continuous monitoring of the device, applications, and user behavior, even while the endpoint was disconnected, gave the customer visibility they never had before.
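The offline USB case above can be expressed as a small detection rule. This is an added example, not Ziften's code or any product's schema: the event fields, the drive allow-list, and the 500 MB threshold are assumptions, and the events are constructed sample data.

```python
from collections import defaultdict

MB = 1024 * 1024
APPROVED_USB = {"CORP-0001"}      # assumed allow-list of drive serials
THRESHOLD = 500 * MB              # assumed policy limit per user and drive

def ev(ts, kind, **fields):
    return {"ts": ts, "kind": kind, **fields}

# Constructed events, as a hypothetical agent might spool them to local disk
# while disconnected and upload on reconnect. Not a real product schema.
SPOOLED = [
    ev("2017-03-01T09:00:00", "net_state", online=True),
    ev("2017-03-01T09:05:00", "usb_write", user="exec1", serial="UNAPPROVED-77", size=50 * MB),
    ev("2017-03-01T18:30:00", "net_state", online=False),
    ev("2017-03-01T18:40:00", "usb_write", user="exec1", serial="UNAPPROVED-77", size=400 * MB),
    ev("2017-03-01T18:55:00", "usb_write", user="exec1", serial="UNAPPROVED-77", size=300 * MB),
    ev("2017-03-01T19:00:00", "usb_write", user="exec1", serial="CORP-0001", size=900 * MB),
    ev("2017-03-01T19:10:00", "usb_write", user="analyst2", serial="UNAPPROVED-12", size=20 * MB),
    ev("2017-03-02T08:00:00", "net_state", online=True),
]

def flag_offline_usb_transfers(events, approved=APPROVED_USB, threshold=THRESHOLD):
    """Alert on bulk writes to unapproved USB drives made while offline."""
    online = True                      # assume connected until told otherwise
    totals = defaultdict(int)          # (user, serial) -> bytes written offline
    first_seen = {}
    # Spooled events can arrive out of order; ISO timestamps sort as strings.
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["kind"] == "net_state":
            online = e["online"]
        elif e["kind"] == "usb_write" and not online and e["serial"] not in approved:
            key = (e["user"], e["serial"])
            totals[key] += e["size"]
            first_seen.setdefault(key, e["ts"])
    return [
        {"user": u, "serial": s, "bytes": n, "first_seen": first_seen[(u, s)]}
        for (u, s), n in sorted(totals.items())
        if n >= threshold
    ]

if __name__ == "__main__":
    for alert in flag_offline_usb_transfers(SPOOLED):
        print(alert)
```

The rule only works because the agent records connectivity changes and file writes locally; a network sensor would see none of the events between the two `net_state` records.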

Does your company have continuous monitoring and visibility when employee endpoints are not connected? If so, how do you achieve this?