Our world is interconnected. It is made up of networks of varying configurations and sizes, existing within both public and private environments. It is through the connection of these networks that information flows, with the Internet being the largest network of them all, connecting billions of users. However, allowing information to flow freely between users also means that harmful, malicious information, in the form of executables and applications, can also flow freely, potentially infecting PCs everywhere. This is where Information Security comes into play.
Organizations use the internet to communicate with business partners, customers and employees, as well as to conduct some or all of their business operations. That’s why security is of paramount importance, and the reason organizations deploy Firewalls, Anti-Virus, Intrusion Detection/Prevention Systems (IDS/IPS), EDR platforms and other security measures at the point of entry/exit to the huge public domain that is the internet – to prevent undesirable data or users from gaining access to their private network.
Internal security deals with threats to security that emanate from within this private network that may damage the business continuity of the organization. Analyst firms estimate that over 80% of breaches to a company’s secure information originate from within the company itself. This begs the question: if the network has been secured, how do security threats originate from within?
The answer is simple: users are fallible. They may either accidentally or maliciously cause damage to company networks by contravening company policy. This is true even of technical staff; if a security or systems administrator does not configure network or security settings correctly, or if a technical fault prevents some workstations from receiving hotfixes, the integrity of the internal network remains at risk. Therefore, security problems that can lead to serious business interruption may be caused by user activity, technical faults or direct attack.
Numerous and rapidly growing number of simple methods through which users are able to create a back door into their networks, have led companies to find that their internal security is increasingly being compromised. These simple methods can effortlessly circumvent all of the existing gateway security products, posing as great a threat to the company as those attacks that come from outside the corporate network.
The potential damage from such threats varies from loss of sensitive information to network shutdown. Needless to say, this can result in production loss, and a waste of expensive network resources which may, in extreme cases, risk the very existence of the company.
Clientless Endpoint Security Management solutions can provide IT security-departments complete independence to manage and control the security of all the endpoints and servers within the organization. Being clientless gives these platforms a significant advantage over solutions that are client-based, in that there is no issue of software conflict on any machine. Moreover, a company does not need to maintain specialist staff to manage and support these agents, and there is never a need to check that the agents have not been disabled and are working properly. Additionally, a client-based solution usually deals with only one aspect of internal (endpoint) security that manages hardware or application control; clientless technology, on the other hand, provides a solution for the full scope of internal threats. Clientless technology can also verify that agents that are deployed on an endpoint – Antivirus/3rd Gen Antivirus, DLP, Personal Firewalls, Application Control and others – are in fact working properly, fully updated and have not been tampered with.