Our digital transformation is accompanied by a lot of great developments, but it also has a downside. Since we’re all going digital, new cybersecurity issues are on the rise. In 2019 cybercrime alone was worth about three trillion dollars; an amount that will triple in the years to come. Companies need to be vigilant, and that’s something reflected by our numbers. Research from IDG, commissioned by Dell Technologies, shows that cyber security is a major concern for medium-sized enterprises. And yet, it gets too little attention. Although the mid-sized market believes that their endpoint security is in order, it more than often falls short. Here’s why it’s so important.
The importance of endpoint security
“Endpoint security at medium-sized companies is usually lacking,” says James Meakin, security expert at Dell Technologies. For 95% of all cyberattacks, endpoint devices – computers, laptops, tablets, smartphones and other devices that are connected to corporate networks – are targeted. “These endpoints are operated by real people. Busy people trying to get as much work done as possible. And they tend to make mistakes. Employees accidentally clicking on malicious links or downloading dodgy stuff is something we see all too often. That doesn’t make them a criminal, but it’s a risk we definitely need to take into consideration.” In other words: if your endpoint security is not in order, your data is vulnerable. Additionally, this kind of security provides a good structural basis. “Sure, cloud security is a must for a cloud-based companies. But if you don’t have your endpoints in order, you won’t get anywhere.”
Data for the taking
Endpoint problems at medium-sized companies are often twofold. The first is data encryption. “I’m still surprised that so many mid-sized companies don’t encrypt their endpoints,” says Meakin. Taking into account contemporary privacy regulations and things like GDPR, this is a serious problem. “If someone loses a laptop, and that laptop is not encrypted, sensitive data might be out on the street. That’s a data breach; one you must report to the police and will undoubtedly cost you money. Hence, I always tell customers to properly secure their data.”
Out with the old
Then there’s issue number two – one that is arguably even more important – outdated security software. We often settle for a simple firewall and/or antivirus software. For a lot of people that might suffice but make no mistake: classical (legacy) AV software is easily bypassed. Anyone who thinks otherwise is leaving their digital front door open. Meakin: “Traditional security software is comparable to our own immune system. Just like our body, legacy AV software produces antibodies – so-called signatures – to combat viral infections. Classic AV companies constantly monitor new malware that’s hitting the market. Yet, they can only build a signature after a virus has already done its damage. Sure, they update their software once every half hour, hour or day to guarantee security, but this method of combating and protecting does not longer suffice.”
Why? The estimated number of new viruses hitting the worldwide web daily are between 300,000 and 1 million. And they’re a lot more ingenious than they used to be. Meakin: “Malware is very easy to tweak into a so-called zero-day viruses. You can do it, I can do it, everyone can do it, as long as you have the right tools. A zero-day virus presents itself as innocent software that your AV simply lets through. Only when the virus becomes active after a few days, weeks or even months do you suffer the consequences.” In short: legacy software loses its stopping power. It’s no longer able to properly combat modern malware.
In with the new
Fortunately, a new kind of technology is emerging. And it’s one driven by artificial intelligence. “A company like Carbon Black uses AI instead of signatures. They build algorithms that can easily recognize mutated malware as harmful and block it.” It’s security software that has become hugely popular in a short period of time. Since they got listed last summer, “the security world has changed considerably”, according to Meakin.
We can take security in and around your house to contextualize this. Legacy AV-software is comparable to the lock on your front door. It’s an old lock that is easily cracked. “This new generation of AV software adds security strips, four extra locks, steel plates and an alarm system to your door, and secures your windows. Of course, one hundred percent safety is never guaranteed,” says Meakin, “but with this new generation of AV software, sure makes it hard for burglars to get in.”
Yet, a lot of mid-sized companies still don’t feel the urge to upgrade their security systems. “Cyber security’s troubled by the same disposition as the rest of the IT landscape: very few businesses invest in innovation.” The big bucks are often reserved for managing existing security, or in this case, legacy software. “Medium-sized companies are always updating and maintaining their outdated security software solely because they have been doing so for the past fifteen years. What they don’t realize is that there are far better options for securing your data.”
Take IT On
Say you need help implementing these new security measures; what’s the best way to tackle these challenges? By talking to us! As with any other service from Dell Technologies, mapping your IT infrastructure – in this case your endpoint security – is crucial. By talking to your IT experts, we find out what needs to be done. But do this as soon as possible. “Companies often come to us when things go sideways,” says Meakin. “Although we can certainly help, prevention is better than cure. Come to us before it’s too late. We can determine what your company needs and secure your digital assets accordingly.”
Matching your needs with the right solutions is essential. “Dell Technologies has various AV and Endpoint Detection and Response solutions. We no longer implement traditional security software because it does not protect sufficiently.” Additionally, Dell Technologies offers training courses. “Anyone who wants to revamp their IT security should seriously consider the role that employees play.” What Meakin means to say is that it’s critical that your employees are aware of security risks.
The price tag
For many businesses it often boils down to a cost-benefit calculation. At the heart of that calculation seems to be the prevailing idea that solid security is always expensive. But that doesn’t have to be true. “As with all our services, cyber security falls under our single-vendor model,” says Meakin. “This means that when you purchase hardware, we provide you with security solutions that fit your company. You buy or lease products from us for a certain period and we ensure that you’re well protected.” You don’t have to worry about updates or upgrades. “If something needs to be renewed, we will do that for you. That way you’re always protected.”
Additionally, Dell Technologies does monitoring. Manpower is needed to properly protect your endpoints; people who actively keep an eye on your virtual security feed. Normally these types of teams are only reserved for large corporations, but Dell Technologies brings them to mid-size markets. “We have teams for you to monitor your data feed and to ring when something goes wrong.”
Curious to know more about security issues facing the mid-size market today? Download our spotlight paper – in which we map the IT challenges and concerns of medium-sized businesses.