Endpoint security is definitely an approach that I favor. Keeping a network secure is an immense challenge that requires constant work and vigilance. Why introduce a client or server to your network before making sure that the device is as security hardened as possible?
In my data center work experience, a very significant percentage of the major network vulnerabilities I've had to fix were caused by the introduction of poorly secured computers. It's a surprisingly common blunder.
Network-based information security attacks have been making the news with increased frequency throughout 2014. It's even gotten to a point where a lot of those incidents are being reported in mainstream publications and websites. And you can bet that for each incident that makes the news, there are possibly thousands more that we don't get to read about.
A lot of these problems can be prevented with a solid endpoint security strategy. Are corporations and institutions going to get smarter about it? In the rapid pace of tech, how will endpoint security implementation evolve in 2015? From my keen observations of what's going on in the IT world, here's what I predict.
As personal and business smartphone usage has exploded since about 2007, people who work in office environments carry their work home with them on the same devices they use to watch cat videos on YouTube, empty their wallets with Candy Crush Saga, and conduct their personal banking. Many of them even use their phones to pay for stuff in malls and restaurants, thanks to NFC payment apps such as Google Wallet and Apple Pay. Businesses will often allow BYOD (bring your own device), thinking that it'll increase productivity and save them money by not having to purchase mobile devices for their employees.
But BYOD introduces a multitude of security problems to corporate networks, even when the devices don't contain a business's sensitive data. The in-app purchase, banking, and NFC payment examples I cited show how sensitive personal financial data may reside on employees' personal phones and tablets.
Also, mobile malware is an ever-increasing risk.
“As consumers and businesses shift to using mobile devices for a greater percentage of their daily activities, cybercriminals will place a larger emphasis on targeting these platforms - specifically Android and jailbroken iOS devices. Remote find, lock, and wipe aren't enough,” said Mark Bermingham of Kaspersky Lab.
BYOD also makes it far too complicated to thoroughly penetration-test and harden an office's network when so many employees' own devices get connected to it. “Attention employees! Give us all of your personal smartphones for 36 hours so that we can test their security!” Yeah, that will go over well.
So, in 2015, I believe that many businesses that have BYOD policies will scrap them altogether. They may either switch to CYOD (choose your own device that's completely administered and controlled by an IT security policy) when smartphones and tablets are completely necessary for work, or eliminate work done on mobile devices if it's functionally possible. More and more often, we may see USB ports in office PCs being carefully controlled so that employees cannot mount the filesystems of their personal devices to them.
A different antivirus approach
Both consumer and enterprise antivirus software tend to work from signatures. If antivirus developers constantly keep up with the latest malware and crypters (programs used to help malware evade signature-based antivirus shields), their software will usually do a good job of blocking known malware. But since a signature can only describe malware that has already been seen and analyzed, signatures are useless against zero-day attacks.