Endpoint Security
Securing end-user devices—smartphones, laptops, tablets and other mobile and IoT endpoints—has become a hot-button issue for IT leaders in government and beyond. Explore how Verizon’s advanced wireless network and portfolio of security solutions help protect endpoint devices.
The convenience of smartphones and other endpoint devices is undeniable. Smartphones, laptops, tablets and other mobile devices empower people to communicate and collaborate via wireless networks from almost anywhere. Security cameras and other IoT devices enable organizations to gather a steady stream of data remotely and conveniently. But these capabilities come at a cost. For public sector organizations, the cost can be high. Security breaches can hobble network operations and reduce data integrity, disrupting organizational progress and halting critical services. Here I explore the security challenges raised by endpoints and highlight a wide range of policies and solutions that help keep them safe.
To get an idea of the often-hidden security threat posed by endpoints, just take a look at your smartphone. It may seem like a reliable, safe device, but smartphones are rife with security risks. You could access sketchy web content, sites or applications, accidentally downloading malware. While traveling, you could use an unsafe Wi-Fi network and expose your organization to network-based threats. You could click on a rogue SMS message (called “smishing”) and inadvertently give a fraudster your sign-in credentials, enabling unauthorized access to organizational systems. If you’re experimenting with artificial intelligence (AI)—like having AI rewrite an internal memo you’re sending sensitive data into the public realm. You could be using an older operating system without the latest security features. Or more likely, one or more of the dozens (or hundreds) of IoT devices on your network could have unaddressed security vulnerabilities. You could use your phone’s camera to take a photo of a restaurant menu QR code, only to find that it’s been replaced with a fake QR code—one that links to a bad URL that lets hackers hijack your phone. Then there’s the aptly named OMG1 cable, a new tool in the cyber attacker’s arsenal. It looks exactly like a regular mobile phone charging cable but it actually houses a tiny network access point that lets nearby hackers commandeer your phone and all the data and applications on it.
The risks are real, and rising
If you’re a vigilant smartphone user, the wide range of potential risks may sound unlikely to you. But unfortunately, not all mobile device users are careful, and even if they are, mistakes happen. In fact, mobile device users are often victims of cyber thieves—and the public sector is vulnerable.
Here are the hard facts from the latest Verizon Mobile Security Index (MSI) report, 2 which highlights mobile security trends and provides data-fueled insights:
- Mobile devices are risky
75% of phishing victims were using mobile devices. - Governmental organizations are a popular target
70% of public sector respondents report that they have experienced a security incident involving a mobile phone or IoT device. - Mobile security breaches cause havoc and can endanger lives
53% of all companies experienced a mobile or IoT breach that caused data loss or downtime. 85% of public sector respondents agree that a breach in their organization could endanger lives. - Threats are on the rise
85% of respondents agree that mobile device threats have increased during the past year.
The data doesn’t lie. It’s clear that endpoint management has become a top security issue for the tech industry and governmental organizations that rely on mobile devices and IoT endpoints.
Endpoint security is a topic I feel passionate about, because I think that the level of risk is outpacing the controls currently in place. In short, the bad guys have the upper hand — and I don’t want to lose the fight.
The expanding use of mobile and IoT devices is creating new risks for organizations, thanks to unprecedented threats from cybercriminals, empowered by AI and other sophisticated tools and strategies. Verizon’s advanced wireless network and portfolio of security solutions help protect endpoint devices—reducing vulnerabilities and enabling important work and services to continue uninterrupted.
Fighting the bad guys is a shared responsibility
On the frontline of device security, manufacturers of mobile and IoT devices are adding increasingly robust security features to their operating systems and devices to combat escalating threats. At the network level, Verizon and other network providers are reducing bad traffic and embedding security into their networks. And governmental organizations are tackling endpoint security, which has become an issue that’s now on the radar of CISOs and other leaders. The Bring Your Own Device (BYOD) approach to mobile device use is under closer scrutiny, since privately owned and managed devices have been the source of breaches. More and more organizations are moving to central management of devices, which enables tighter controls and greater security. And they’re helping educate their personnel— particularly those with privileged access to sensitive data or systems—about how to use their devices safely, protect valuable information and spot even the most sophisticated threats.
Clear policies can boost protection
Establishing clear policies can help your organization bolster its endpoint security. Acceptable use policies establish where and why employees can connect their mobile device to your network. Encryption policies define where confidential data can or can’t be stored (e.g., on a personal mobile device) and how to encrypt data before storage. Password security policies address a major issue—static or shared passwords. Technical update policies encourage users to update software on a regular basis, particularly on personal devices.
But endpoint security raises a thorny issue: how to balance the freedom of users with the safety of their organizations? Some agencies limit BYOD use to personnel with minimal access to organizational systems. Other groups, particularly those that deal with sensitive data or operations, are taking a tougher stance, locking down their devices and embedding stringent security. But while managing devices centrally can reduce risk significantly, there’s no failsafe way to ensure endpoint security. It may be an organizational priority, but endpoint security relies on personal responsibility. And people can make mistakes, particularly when faced by increasingly canny cyber thieves’ intent on gaining access, stealing sensitive data and extorting organizations for financial gain.
What is Verizon doing to increase endpoint security?
Recognizing that the network plays a key role
Verizon builds extensive security into our networks and offers a wide range of solutions and services focused on addressing this daunting challenge. After all, we’re a security leader with 20+ years of experience. We have nine security operations centers worldwide. And we process an average of 61 billion events yearly.
Detecting threats early
We work to shut down bad mobile traffic before it reaches end users across the entire Verizon network spectrum. We detect and eliminate malware and other threats. We protect users from inbound attacks, negligence or abuse. And we provide faster detection of (and response to) threats.
Our portfolio of solutions
Mobile Threat Detection, which defends your organization from a wide range of threats, and Mobile Device Management, which helps manage devices, employee access, privileges and policies—keep your data secure and your organization safe. Our mobile security assessment solutions assess your needs and help ensure that you have the right policies in place. In addition, Verizon offers a variety of services for consumers, small businesses, state and local governments and federal agencies—all geared toward protecting endpoints.These services include our consumer Verizon Protect application, Verizon Business Internet Security, Verizon Mobile Internet Security, and our Zero Trust Network Access solutions which help secure your network, devices and applications. These solutions are just part of our ever-expanding mobile security portfolio, designed to meet the evolving security needs of our customers.
Knowledge helps outsmart the bad guys
Boosting endpoint security means staying up-to-date on the latest threats and the most effective strategies for reducing vulnerabilities. After all, winning the fight against cybercriminals is a team effort. Informed, “security-first” organizations— and their mobile device users—are essential to beating the bad guys.
Explore our mobile security offerings
Read the latest updates on real-world breaches in our annual Data Breach Investigations Report (DBIR), the authoritative source of cybersecurity breach information.
Gain insight into the latest mobile security threats— and how to help protect your organization.