Inefficiency of traditional enterprise security solutions
As organizations looked for ways to secure their endpoints, it became immediately clear that traditional enterprise security solutions deployed within the network were completely ineffective in protecting remote endpoints. The sheer volume of remote endpoints connecting over VPN gateways caused bandwidth pressure, making it impractical to have large security updates delivered to thousands of endpoints.
Security teams are challenged with the task of efficiently using limited VPN bandwidth while being mindful not to choke the VPN gateways, as they prioritize updates and patches based on threats and vulnerabilities.
Inability to discover and accurately assess the security of remote endpoints
As remote endpoints connect to key assets inside the organization's network, it has become increasingly important to continuously discover and secure this valuable data from malicious attacks by maintaining strong security hygiene. Network perimeter security devices cannot protect remote endpoints as a line of defense from malware attacks and intrusions. With attackers exploiting non-traditional technologies such as productivity software like Zoom, Teams, Browsers, and VPN tools on remote endpoints, organizations need to include security, configuration and patch management in their overall security strategy.
Rapid Change Brings Opportunity
The most effective way of managing the security of these remote endpoints is to leverage cloud-based solutions. Cloud-based solutions are architecturally superior at addressing remote endpoints because they connect directly to the cloud over the internet without routing a large volume of traffic through VPN gateways. They provide companies with visibility into every endpoint to discover vulnerabilities that may exist and allow them to be secured through high-priority remediation. Misconfigurations and compliance gaps that lead to security breaches can also be identified.
In March, when the sudden shift to remote work took place, Qualys leveraged its cloud expertise, gathering insights and experiences from existing customers and released a remote endpoint protection service, which it provides at no cost for 60 days. Qualys Remote Endpoint Protection leverages the Qualys Cloud Agent and its cloud-based architecture to deliver complete visibility into all remote endpoints. Additionally, it provides the ability to remotely patch these systems and detect malware that anti-virus software may have missed. This approach offers real-time, up-to-date vulnerability and configuration posture with the ability to respond with zero impact to the organization's internet bandwidth and connectivity, which becomes critical in the current scenario.
The Remote Endpoint Protection service allows organizations a continuous and up-to-date inventory of all remote endpoints connecting inside the network by providing metadata of open ports, running services and all software and applications on the remote endpoint such as productivity tools, security solutions, and development software with their EOL/EOS status.
The service enables security teams to gain visibility into vulnerabilities and misconfigurations in productivity, collaboration and development tools such as Zoom, Office, Teams, and open source tools, prioritizing those mapped to active attacks, exploit kits or which can be exploited by malware. The service goes beyond just the detection and provides a clear list of patches correlated to these vulnerabilities and enable organizations to deploy security patches to prevent attacks from happening on the remote endpoints.
Commenting on the solution, Daryl Petersen, Vulnerability Manager at ATN International, stated, "ATN International needed a way to protect both its on- and off-premises endpoints, as one of its biggest challenges was securing remote employees' workstations. With Qualys Remote Endpoint Protection, we can correlate vulnerabilities with available patches and actually patch remote endpoints directly from the internet all without having to use our VPN bandwidth. This was a huge benefit to us when the majority of our workforce was suddenly working remotely."
To learn more about Qualys Remote Endpoint Protection or to sign up visit, https://www.qualys.com/forms/remote-endpoint/
About the Author
Shailesh Athalye, VP of Compliance Solutions, Qualys
Shailesh Athalye (CISA, CRISC, CEH, ISO 27001 LA) drives product management and engineering for Qualys’ line of compliance products including Policy Compliance, File Integrity Monitoring, and Security Assessment and Questionnaire. With over 15 years of experience in the fields of IT, GRC and information security, he is a driving force for creating innovative ways to streamline risk, configuration and compliance management use cases.