Is cloud security losing sight of endpoints?

Is cloud security losing sight of endpoints?

Cybersecurity is changing rapidly, and important security elements may be left behind in the race to keep up with attackers. For example, cloud and mobile computing have transformed the way organizations do business, forcing cybersecurity to make big changes as well. Once smartphones began operating in the workplace and computers adopted software-as-a-service (SaaS) applications, security behind an enterprise firewall was no longer achievable. As organizational devices and data traveled beyond the office, old castle and moat The cybersecurity approach has become obsolete.

Cloud-based services have become increasingly popular, causing many cybersecurity providers to shift their focus to cloud security. However, in the rush to protect the cloud, other attack vectors, such as endpoints, are being neglected. This can be a costly oversight, given the extensive libraries of published vulnerabilities available on the Internet. the MITER The corporation has cured decades of Common Vulnerabilities and Exposures (CVE) for operating systems, applications, and software libraries. Are threat actors more likely to spend time trying to break cloud security or exploit known tactics against vulnerable cloud-connected devices?

Cloud security does not need to be compromised when attackers can simply exploit devices that are already trusted. Even the way some providers implement cloud security can expose endpoints to risk. Consider these two popular cloud-based endpoint security methods:

  1. Cloud services send up-to-date information on threats and security patches to connected clients
  2. Customers sending threat telemetry to the cloud, where it is analyzed by the provider’s services

These methods have advantages and disadvantages, but the obvious question to ask is What happens to endpoints that lose connection to the cloud?

Devices can lose connectivity to the cloud for a variety of reasons. Some technologies may only be used occasionally and may be turned off most of the time. Some devices may experience issues with automatic software updates that cause security patches to fail. Other devices may refuse to apply certain updates because they conflict with existing software that is critical to productivity. Whichever the case, endpoints that rely on the cloud for security can become vulnerable when not continuously connected to it. For this reason, cloud security alone is not a sufficient solution to defend against cyber attacks. Businesses need a platform that protects cloud-based transactions and endpoints alike.

Neglecting individual safety leads to collective failure

Many security procedures are based on systems that have a single point of failure. Consider passwords. If an organization uses passwords, but no other form of identity authentication, it is exactly one step away from being compromised. Of course, many modern businesses use some form of multi-factor authentication (MFA), so this may seem like a moot point. However, consider one of the most popular ways remote employees connect to the workplace: virtual private networks (VPNs). When a user authenticates through the VPN, her credentials are approved for the the net. Just as a single password can grant a user access to a machine, a single successful VPN login authenticates a user to the entire network. This is a single point of failure network access approach.

BlackBerry avoids problems like this by taking a holistic, multi-layered approach that protects organizations across the cloud, network, and endpoint. For example:

  • BlackBerry protects terminals with CylancePROTECT, an on-device AI-based security agent that detects and prevents malware threats with over 99% accuracy. Devices remain continuously secure and capable of performing local threat detection and remediation, regardless of their connectivity to the cloud.
  • CylanceGATEWAY provides secure access to SaaS applications and other cloud resources by authenticating users to specific applications, not to the entire network. Provides split tunneling functionality to allow encrypted business communication to occur alongside open browsing. It also uses Cylance AI to detect suspicious behavior throughout the environment, an important feature for implementing Zero Trust Network Access.
  • CylanceGUARD provides organizations with a managed extended detection and response (XDR) platform staffed 24/7/365 by professional security analysts. This service offers companies a way to overcome the massive cybersecurity skills gap that makes it difficult to establish an internal SOC. Managed XDR provides organizations with trained security analysts operating a world-class cybersecurity suite at an affordable cost.

Securing the cloud is important, but so is the security of devices, user accounts, and applications. If a device is compromised and legitimate user credentials are used for VPN in an environment, the network is compromised. BlackBerry solves this problem using Cylance AI to protect individual devices by limiting remote access to approved applications and continuously monitoring the environment for threats.

MSSPs can increase security coverage for customers

Protecting cloud-based assets is a top concern for the cybersecurity industry, which is why so many vendors focus narrowly on their cloud capabilities. However, partnering with a provider that only excels at cloud security leaves half the problem unsolved. MSSPs can help their customers by ensuring that devices, networks, and cloud services enjoy the same level of protection.

Of course, it is important that MSSPs partner with a security provider that offers the necessary services without requiring that they also accept unnecessary ones. Some vendors will not provide specific pieces of a security platform separate from their full suite of cybersecurity tools. This leaves MSSPs in a position where they risk duplicating their offerings or losing significant control over their cybersecurity services. Fortunately, other providers are friendlier to MSSP and willing to accommodate service providers’ needs.

If you’re looking for an advanced security solution that protects your customers in the cloud and beyond, visit our BlackBerry MSSP Partners page.

Guest blog courtesy of BlackBerry Cylance. Read more BlackBerry Cylance blogs here. Regularly contributed guest blogs are part of the MSSP Alert sponsorship program.

Leave a Comment