Chuck Leaver – You Need Continuous Endpoint Visibility Even When Devices Are Offline

Written By Roark Pollock And Presented By Chuck Leaver Ziften CEO

 

A recent Gallup survey found that 43% of employed Americans worked remotely for some of their working time in 2016. Gallup, which has been surveying telecommuting patterns in the United States for almost 10 years, continues to see more employees working outside standard offices, and more of them doing so for more days of the week. And, obviously, the number of connected devices that the typical staff member uses has increased as well, which helps drive the convenience of, and preference for, working away from the office.

This freedom surely makes for better staff members, and one hopes more productive ones, but the issues these trends create for both systems and security operations teams should not be overlooked. IT systems management, IT asset discovery, and threat detection and response functions all benefit from real-time and historical visibility into user, device, application, and network connection activity. And to be truly effective, endpoint visibility and monitoring should work regardless of where the user and device are operating, be it on the network (local), off the network but connected (remote), or disconnected (offline). Current remote working patterns are increasingly leaving security and operations teams blind to potential problems and risks.

The mainstreaming of these trends makes it much harder for IT and security teams to restrict what used to be considered higher-risk user behaviors, such as working from a coffee shop. But that ship has sailed, and today security and systems management teams need to be able to adequately monitor user, device, application, and network activity, find anomalies and improper actions, and enforce appropriate action or fixes regardless of whether an endpoint is locally connected, remotely connected, or disconnected.

In addition, the fact that many workers now routinely access cloud-based assets and applications, and have backup USB or network-attached storage (NAS) drives at home, further magnifies the need for endpoint visibility. Endpoint controls often provide the one and only record of remote activity that no longer necessarily terminates in the corporate network. Offline activity is the most extreme example of the need for continuous endpoint monitoring. Clearly, network controls or network monitoring are of negligible use when a device is running offline. Installing a suitable endpoint agent is critical to ensure that all important system and security data is captured.

As an example of the kinds of offline activity that can be detected, a customer was recently able to monitor, flag, and report unusual behavior on a corporate laptop. A high-level executive transferred large amounts of endpoint data to an unapproved USB stick while the device was offline. Because the endpoint agent was able to collect this behavioral data during the offline period, the customer was able to see this unusual action and follow up appropriately. Continuing to monitor the device, applications, and user behavior even while the endpoint was disconnected gave the customer visibility they had never had before.

Does your business have continuous monitoring and visibility when employee endpoints are on an island? If so, how do you do it?

~leaverchuck1

