I’m preparing a webinar on endpoint security and was thinking about the problem while on a flight to Chicago. Consider it this way: in an organization with 10,000 employees, you’ve got your servers in the data center managed by IT. But you’ve got 10,000 more machines with the same – or more – complication than those servers. These machines also have access to sensitive data and often store it themselves.
But there’s more. Those 10,000 machines are managed by non-technical people who have the same system-level privileges as trained and certified system engineers. And not only that, but those 10,000 machines are not in your data center but out of your physical control, often operating in external environments away from really important network security controls such as firewalls, data leakage prevention, command & control detection, and intrusion prevention systems. These are our endpoint systems. Is it any wonder we are living in the era of colossal security breaches?
This is insanity, but there is a way out.