Locking the bathroom window

01 May 10

Security at the network gateway, or in the cloud itself, can improve your security posture, but if you were only allowed one sort of security solution, you'd want it to be endpoint-based, for four main reasons:

  • Endpoints are the nucleus of most malware attacks, even if the final target is not the endpoint itself.

  • Endpoints are where your confidential and encrypted data is most likely to be unscrambled for presentation.

  • Endpoints are almost always not just on your network, but inside it.

  • Endpoints are increasingly the gateway into your network for new content.

    You might disagree with the last point, but data which enters your network via a traditional gateway device might only become available when it reaches the end-user, thanks to encryption. Such data doesn't really exist (or, at least, is unrecognisable) until it is at the endpoint.

    Data files introduced to a computer via a USB key or another removable device, or files downloaded whilst a laptop is connected to someone else's network, don't pass through traditional gateway devices at all. This means they quite literally don’t ‘exist’ on your network until they first appear on the endpoint.

    Clearly, then, we need to protect endpoints in order to prevent them being owned by cybercriminals. Endpoint malware threatens not only the computer it infects, but also other computers on the network and the reputation of the organisation itself.

    This poses the questions: just what is an endpoint these days, and where does endpoint protection end?

    In the early days of malware prevention, the admittedly-annoying word ‘endpoint’ didn't exist. We just talked about PCs instead. And PCs generally excluded servers and other dedicated devices, being limited to computers running DOS or Windows, issued to individual employees as general business tools. These days, well-informed system administrators aren't so restrictive in their definition.

    Computers not running Windows, such as Macs, are endpoints, too. Sure, they are much less likely to get infected than their Windows cousins, but infection can happen. And they are perfectly capable of being Typhoid Marys, glibly passing on infections to which they themselves are immune.

    Servers, too, are endpoints – not least because they are at the end of a network cable. Often, they run an operating system that is indistinguishable at its core from the one used on laptops and PCs. And since servers generally dish out content to other devices on the network, they too can be Typhoid Marys.

    So where does this leave modern-day networked computers such as point of sale (POS) terminals, kiosks, cash registers, digital signs and the like? Are they endpoints? Or do their special purpose and their carefully-restricted user interface mean you can exclude them from malware risk analysis?

    No, you probably can’t. Increasing numbers of embedded and single-purpose computing devices are not only connected to your regular business network, but also run a core operating system which is similar or identical to the operating systems you use elsewhere. Microsoft's Windows Embedded Platform, for example, comes in a dizzying range of variants, but is very carefully advertised as: "One platform. Endless Possibilities".

    Ignoring your embedded devices is a bit like locking up your house but leaving the bathroom window open on the grounds that it's the smallest opening and the least interesting room for a burglar.

    So if you have decided not to protect your customer's embedded devices such as POS terminals and digital signs, you might want to reconsider. Sure, they generally have a lower surface area of attack than the average laptop, but they can also be the trickiest and most expensive to cure if they do become infected. And if infected, they actively threaten the rest of your network.

    Lock that bathroom window, or at least put burglar guards on it.
