The days of institutions keeping all their data in a secure perimeter are over. Data is now stored and used on endpoints everywhere, from laptops and smartphones to physical and virtual servers. Increasingly, attackers go after endpoints because they often house sensitive data and are less secure. Unfortunately, endpoint protection can be extremely challenging. Endpoints are dynamic, with users constantly adding and changing software, and threats evolve rapidly.
Use these tips to ensure your endpoint protection measures are up to the task.
1. Follow the Data to Improve Campus Security
Security pros are shifting their focus from platform security to data security for an important reason: Many platforms, such as cloud services and user-owned mobile devices, are beyond their control. The new goal is to protect data wherever it goes; for example, with enterprise mobility management tools that permit remote access to sensitive data but don’t allow it to be stored on endpoints. Take an inventory of where your sensitive data is stored. Any such data stored on endpoints without sufficient protection should be addressed immediately.
2. Check for Endpoint Segmentation
Inevitably, endpoints will be compromised. When they are, it’s better if they have limited access to other endpoints.
Check a sampling to see what endpoints can access. At minimum, only endpoints with similar trust profiles should be allowed to connect to the same network segment. For example, institutional servers should not use the same segment as faculty- and staff-owned mobile devices. Also, that segment should not allow the mobile devices to interact with each other.
3. Evaluate Usability for Campus Technology
One challenge in endpoint security is the need to strike the right balance between strong controls and a seamless user experience. Users will generally accept a few security controls, such as providing a username and password, but the more tasks users must do, the more likely they are to try to circumvent controls.
An assessment of endpoint protection should include interviews with a cross section of users to see how security affects them, along with hands-on usage to see for yourself how the user experience varies among platforms. Usability issues should be addressed on a case-by-case basis, whether that means training users to navigate controls more easily or reconfiguring (or even replacing) problematic security controls.
4. Consider Next-Gen Ed Tech Tools
The newest solutions offer cognitive endpoint security features, leveraging artificial intelligence, machine learning and similar advances to improve decision-making by distinguishing between benign and malicious activity. These solutions work best in environments with mature security programs, so assess your institution’s readiness to take advantage of advanced protection.