Endpoints* are so versatile these days. While they can be found virtually anywhere and do almost anything, they can also make an organisation vulnerable to security threats.

According to John Martin: “Everyone is literally a target. An endpoint presents a valuable target for a cyber criminal.”

So why are endpoints such a security risk?

Endpoints are dynamic environments with numerous programs and plug-ins that are really difficult to secure. They have unpredictable patterns of usage which make them appealing targets and difficult to defend. They’re also very valuable: they have access to all the data needed to conduct the organisation’s actual business in the least protected area of an organisation.

Even if the sensitive data isn’t actually available, the endpoint’s computing power and bandwidth is a valuable resource: if a criminal can infiltrate it, they can use it for distributed password cracking.

A good example of this is the recent Sony Computer Entertainment hacking scandal**, where over 77 million account holders were affected by a large-scale security breach. During April 2011, personal details including names, birthdays and billing addresses of Playstation 3 customers were potentially exposed to hackers.

This case taught us all a valuable lesson: If a global corporation like Sony is susceptible to being hacked, then midsized businesses are most certainly open to the same risks.

While endpoints are difficult to manage manually, companies like IBM can help even the smallest companies with relatively simple cost-effective solutions such as Tivoli Endpoint Manager. This software enables you to encapsulate those issues into a compliance framework and provides you with a holistic view of all your company endpoints.

A robust framework that covers security risk and compliance can remediate a lot of the issues straight away. So while the risks are great and the threats seem complex, there are a number of relatively simple business solutions available.

Research from Secunia*** has shown that you can significantly reduce your security risk by identifying and patching the most vulnerable software programs in your network, many of which are also among the most prevalent applications.

Taking control of your endpoint security is crucial, but with reputable partners like IBM on your side, it can be simple and cost-effective to protect your organisation.

*Endpoints are the gateways of network connections and can generate or terminate the information stream. They can be anything from your mobile phone, your laptop or PC, and even your organisation’s network printers.

** The Australian – http://www.theaustralian.com.au/australian-it/sony-playstation-hack-hits-700000-australians/story-e6frgakx-1226045764154

*** http://secunia.com/blog/231

It’s no secret that cybercriminals like to prey on easy targets.

Which is why it’s important for organisations to remove temptation and reduce risk by addressing the areas of your IT infrastructure that may be most vulnerable.

Security breaches not only threaten your sensitive data, but your organisation’s reputation as well. Sony Computer Entertainment discovered this in April 2011, when over 77 million of their account holders were affected by a large-scale security breach.

What is compliance?

Compliance is meeting the standards set for the way endpoints* are configured. These standards could be set by the organisation, professional bodies or the government.

It is not necessarily top of mind for midsized businesses, because they already have their own processes and may not have felt the effects of a security breach, but it is something that should be considered as part of a holistic approach to security.

How can I secure my organisation?

For midsized businesses, a good option is to implement a simple, effective, software-based system that won’t slow down your organisation’s network.

Endpoint management software like IBM’s Tivoli Endpoint Manager should be deployed with the tools that can help you automate the process of downloading the latest security definitions, operating systems and application patches while allowing you to evaluate your hardware estate.

Ideally, your security program should also alert you when an endpoint is not compliant and where possible, provide an automated response to the non-compliance issue. For instance, if someone has installed an unauthorised piece of file-sharing software, it will warn you so you can instantly uninstall it.

Who can help?

These days, big name companies in the marketplace are geared to assist midsized businesses with simple cost effective solutions. Third party suppliers like IBM, regularly offer free consultations and trials so you can test for yourself the suitability of their offerings.

Simple, effective solutions are the best way to deal with security risks. Once you’ve made your decision, the software can be installed and active in a very short period. If your current solution is absorbing too much of your organisation’s time and energy, it may be worth investigating the software solutions offered by IBM.

*Endpoints are the gateways of network connections and can generate or terminate the information stream. They can be anything from your mobile phone, your laptop or PC, your and even your organisation’s network printers.

** The Australian – http://www.theaustralian.com.au/australian-it/sony-playstation-hack-hits-700000-australians/story-e6frgakx-1226045764154