By Shailesh Athalye, Vice President, Compliance Solutions,
Qualys
COVID-19 has raised many
questions about the maintenance of privacy, data protection, security and
compliance of organizations. The norms considered to be the standard practice
took a drastic turn when organizations of all sizes were forced to shift to
remote-working arrangements almost overnight. With remote work still going
strong, the pandemic leaves organizations vulnerable to security breaches
largely because of the expanded attack surface. This has raised key
deficiencies including:
Inefficiency of
traditional enterprise security solutions
As organizations looked for
ways to secure their endpoints, it became immediately clear that traditional
enterprise security solutions deployed within the network were completely
ineffective in protecting remote endpoints. The sheer volume of remote
endpoints connecting over VPN gateways caused bandwidth pressure, making it
impractical to have large security updates delivered to thousands of
endpoints.
Security teams are challenged with the task of
efficiently using limited VPN bandwidth while being mindful not to choke the
VPN gateways, as they prioritize updates and patches based on threats and
vulnerabilities.
Inability to discover and
accurately assess the security of remote endpoints
As remote endpoints connect
to key assets inside the organization's network, it has become increasingly
important to continuously discover and secure this valuable data from malicious
attacks by maintaining strong security hygiene. Network perimeter security
devices cannot protect remote endpoints as a line of defense from malware
attacks and intrusions. With attackers exploiting non-traditional technologies
such as productivity software like Zoom, Teams, Browsers, and VPN tools on
remote endpoints, organizations need to include security, configuration and
patch management in their overall security strategy.
Rapid Change Brings
Opportunity
The most effective way of
managing the security of these remote endpoints is to leverage cloud-based
solutions. Cloud-based solutions are architecturally superior at addressing
remote endpoints because they connect directly to the cloud over the internet
without routing a large volume of traffic through VPN gateways. They provide
companies with visibility into every endpoint to discover vulnerabilities that
may exist and allow them to be secured through high-priority remediation.
Misconfigurations and compliance gaps that lead to security breaches can also
be identified.
In March, when the sudden
shift to remote work took place, Qualys leveraged its cloud expertise,
gathering insights and experiences from existing customers and released a
remote endpoint protection service, which it provides at no cost for 60 days. Qualys
Remote Endpoint Protection leverages the Qualys Cloud Agent and its cloud-based
architecture to deliver complete visibility into all remote endpoints.
Additionally, it provides the ability to remotely patch these systems and
detect malware that anti-virus software may have missed. This approach offers
real-time, up-to-date vulnerability and configuration posture with the ability
to respond with zero impact to the organization's internet bandwidth and
connectivity, which becomes critical in the current scenario.
The Remote Endpoint
Protection service allows organizations a continuous and up-to-date inventory
of all remote endpoints connecting inside the network by providing metadata of
open ports, running services and all software and applications on the remote
endpoint such as productivity tools, security solutions, and development
software with their EOL/EOS status.
The service enables security
teams to gain visibility into vulnerabilities and misconfigurations in
productivity, collaboration and development tools such as Zoom, Office, Teams, and
open source tools, prioritizing those mapped to active attacks, exploit kits or
which can be exploited by malware. The service goes beyond just the detection
and provides a clear list of patches correlated to these vulnerabilities and
enable organizations to deploy security patches to prevent attacks from
happening on the remote endpoints.
Commenting on the solution,
Daryl Petersen, Vulnerability Manager at ATN International, stated, "ATN
International needed a way to protect both its on- and off-premises endpoints,
as one of its biggest challenges was securing remote employees' workstations. With
Qualys Remote Endpoint Protection, we can correlate vulnerabilities with
available patches and actually patch remote endpoints directly from the
internet all without having to use our VPN bandwidth. This was a huge benefit
to us when the majority of our workforce was suddenly working remotely."
To learn more about Qualys
Remote Endpoint Protection or to sign up visit, https://www.qualys.com/forms/remote-endpoint/
##
About the Author
Shailesh Athalye, VP of Compliance Solutions, Qualys
Shailesh Athalye (CISA, CRISC, CEH, ISO 27001 LA) drives product management and engineering for Qualys’ line of compliance products including Policy Compliance, File Integrity Monitoring, and Security Assessment and Questionnaire. With over 15 years of experience in the fields of IT, GRC and information security, he is a driving force for creating innovative ways to streamline risk, configuration and compliance management use cases.