Intelligent CIO Africa Issue 54 | Page 36

FEATURE: ENDPOINT SECURITY
Nicolai Solling, Chief Technology Officer, Help AG

resources and commitment for tight integration needed for higher-value analytics and automation. Third, most all vendors seem to focus on extended detection and extended response, skipping over the middle stage of investigation and validation. As a result, human security professionals still have significant effort ahead of them, especially as threat and alert volumes continue to grow.”
Samer El Kodsi, Channel Sales Director, Emerging Markets, EMEA, Palo Alto Networks, said with the massive technological innovation over the years, the cybersecurity sector has had to adapt and create new solutions for better safety of people and organisations.

EVEN BEFORE THE IMPLEMENTATION, WHEN EVALUATING AN ENDPOINT SOLUTION, RESELLERS SHOULD CONSIDER DIFFERENT KEY FACTORS IN CHOOSING THE RIGHT VENDOR.

“About 20 years ago, an organisation’s data was behind corporate headquarters but now people have immediate access to data from the cloud through laptops, tablets and other devices,” he said. “Because we now have data everywhere – it is important to shift from the ‘layered defence model’ to the ‘zero trust model’, which is the ability to microsegment parts of your data or network environment and apply visibility and control. With the zero trust model, you can microsegment all your critical assets including machine, server or endpoint from the rest of the network with full visibility and available controls.”
Pitfalls to avoid
With endpoint protection management the number one priority for many organisations in MEA, what pitfalls should CIOs avoid when implementing endpoint security solutions?
Solling said CIOs should avoid thinking that all solutions are created equal. He added that the market contains many solutions with great capabilities, but it is also important to assess the effort required to operate and manage the solution before implementing it. “Running and operating an endpoint solution is relatively simple and most organisations of a certain size have this capability. However, getting value out of the data generated from a solution is a specialised task that requires insight into how systems and applications operate and being able to decipher data points is what takes a solution from good to great,” he enthused. “Thus, organisations should build their reservoir of these advanced skills through investing in existing employees with specialised training programmes, as well as investing in new hires to bring endpoint security experts into the organisation.”
According to Mazibuko, many organisations are migrating from endpoint protection platforms (EPP) to the endpoint detection and response (EDR) route. “XDR is a new approach that provides visibility across endpoint, cloud, network and third-party data. This enrichment truly breaks down the silos taking endpoint security management to the next level,” he explained.
He said the convergence of network and security has brought the industry the secure access service edge (SASE). “This cloud-native model provides the benefit of a unified platform without the burden of legacy infrastructure. The solution is perfect for the hybrid work model, allowing efficient and secure access to cloud resources and seamless access to on-premises applications,” he said. “This convergence brings the best in connectivity (SD-WAN, NaaS) and security (FWaaS, endpoint security, web security and network security).”
Remote working
Given that most organisations are promoting remote working and adopting hybrid work models, CIOs need to factor in several considerations and scenarios when developing a comprehensive endpoint security management policy.
Meriam Elouazzani, Regional Channel Manager META, SentinelOne, said with many employees now working from home, organisations are exposed to a vastly increased attack surface and must re-assess their endpoint security strategies to ensure they are equipped for this new environment.
Elouazzani said it is no trivial task to provide the same levels of security for all these employees, operating outside the (relatively) safe perimeter of their offices and local intranet. “It’s best if organisations use endpoint security software that protects it against unknown forms of ransomware and other cyberattacks. One way to do that is through an endpoint protection platform (EPP) that uses predictive execution inspection engines that go beyond file-based analysis – even mathematic algorithmic analysis – that observes the actual execution of every system process