Identifying vulnerable entry points

BrandPost By Diane Garey
Sep 15, 2015


The digital transformation is definitely changing how businesses operate. And, as businesses continuously gravitate towards cloud, mobile and even the Internet of Things, how organizations define – and ultimately protect – networks is evolving and expanding.

The potential impact of this evolution is crystal clear when looking at recent analyst predictions that anticipate significant growth in the amount of corporate data bypassing perimeter security and flowing between mobile devices and the cloud. With more data not passing through traditional firewalls, a key question for security professionals is whether or not this evolution makes any particular endpoint category more vulnerable than any others. It may be relatively easy to set vulnerability levels according to the level of data or network access associated with an endpoint. However, taking this approach essentially ignores a host of other aspects playing a role in accurately determining vulnerability.

Whether the focus is on cloud, mobile or any other connected device, it’s important to remember there are a lot of factors contributing to vulnerability levels. For instance, if the device under consideration is a laptop, it could be running Java, Flash, etc., which need constant updates. If the user has disabled updates, the level of vulnerability could be increasing daily. Or, in the case of a mobile device, emerging vulnerabilities present reason for concern; for example, the recently identified StageFright vulnerability targeting Android devices has security professionals scrambling for a solution, since malware can be delivered to the device via a text message without any need for user action.

At the same time, endpoint ownership and control have shifted significantly as well. For example, lines of business are establishing their own connections to SaaS environments with hopes of rapidly addressing business requirements. This approach understandably creates new endpoints. The same is true as BYOD strategies take hold within the enterprise. Not only can BYOD bring a new set of systems with different operating systems into the environment, but different groups are often responsible for managing these systems and may or may not include the security team in decisions about policies and management.

Bottom line – it’s extremely difficult to declare one endpoint as more vulnerable than another. As a result, having visibility is crucial whether IT and security professionals are monitoring a new device or traditional infrastructure. As IT evolves, security must find new ways to work on more fronts. Security still needs to be able to influence or at least be aware of what is happening. This is where a solution capable of integrating protection across a wide range of endpoints and providing a complete view into the network can make a significant difference.