Webinar: The Importance of Endpoint Privilege Management – ARCON and KuppingerCole Analysts Ag.

After a very successful webinar on the role of IAM in Multi-cloud Environments, ARCON and KuppingerCole Analysts AG. came together again to co-host a webinar on yet another burning topic in information security: endpoint security.

On July 28th, 2022, Paul Fisher, Senior Analyst, KuppingerCole Analysts AG, and Anil Bhandari, Thought Leader and Chief Mentor, ARCON, appeared live to discuss the benefits of the Endpoint Privilege Management (EPM) solution.

In the first half of the webinar, Paul Fisher took the stage as he explained why modern regulatory compliance requirements and IT infrastructure setups demand the deployment of an EPM solution to secure data, devices, and critical-applications from potential abuse or misuse.

Initially, Paul discussed the generic IT aspects that enterprises “should have” to ensure business continuity, and later on, he highlighted the concerns about endpoint security. 

Here are the key points highlighted by Paul.

• Agility – Organizations always look for IT agility to build a strong foundation of secured IT infrastructure. And secured endpoints are the keys to ensure that the right data asset is accessed by the right person at the right time for the right reason. 

• Rapid Rollout – It is essential for organizations to accomplish the designated task with the designated user within the designated time. To make sure that it happens on time, proper and rapid rollout is the key.

• Productivity – Productivity is the ultimate goal of any organization. What level of automation an organization has incorporated into their IT operational infrastructure, what kind of proactive end-users are there in the IT ecosystem and what extent of stringency is followed through the policies – all these help in the productivity of the end-users.

• Cost Reduction – If digital transformation is not cost-effective, then organizations refrain from going for transformation or sometimes delay it to arrange an adequate budget. Hence, cost is another crucial component of the IT security infrastructure.

• Infrastructure – There is a proverb, “Infrastructure creates the form of a city.” The same applies to an organization as well. A proper infrastructure not just means a good number of people, a good number of systems and machines but also a comprehensive policy for the people for the right execution at the right time for the right reason. 

• Control over end-users – Inadequate control over the end-users is the biggest reason for cyber incidents in organizations. Controlling end-users does not mean that they should be allocated well-defined roles and responsibilities, but also means monitoring them continuously to keep track of who is doing what, where, when and for which reason.

• Deployment – Deployment of access management solutions and endpoint security solutions help organizations to stay secure from emerging insider and third-party threats.

Furthermore, Paul Fisher presented an analytical view of how the number of endpoints is increasing rapidly in organizations across the globe. In order to achieve higher levels of productivity, most organizations end up increasing the number of identities as well as functional departments to manage the IT workloads. As a result, the number of endpoints keeps on increasing as well. He also discussed several reasons of Endpoint Security misuse which includes:

• End-users knowingly/ unknowingly downloading/ accessing malicious/ unknown applications
• Malefactors accessing secret servers and sensitive databases
• Lack of visibility in the endpoint activities
• End-users having too much privileged/ elevated access
• End-users sharing business and personal information on a single device

Regarding this, Paul also highlighted the importance of following the Least Privilege principle. ARCON’s EPM solution offers Just-In-Time (JIT) privilege access to the critical applications, which ensures that there are no standing privileges that could end up with unauthorized access.

Following Zero Trust architecture at the same time is extremely important in this context because an excessive number of endpoints poses challenges to administrators in terms of whom to grant access to for what and when. The Zero Trust model allows access to the system/ application but only with a seamless assessment of the level of risk involved in the activities.

Key Takeaways from Paul’s session:

• Continuous assessment of EPM goals
• Empowering users with ‘low friction’ rather than just assessing and securing them from IT threats – it could even enhance productivity and profitability
• Defining end-user outcome is highly important
• Extensive research on Privileged Access Management (PAM) solution in the market as it has direct/ indirect impact/ correlation with Endpoint management

Anil Bhandari in the second half of the webinar explained the role of the ARCON | Endpoint Privilege Management (EPM) solution in reinforcing endpoint security and how it uses User Behavior Analysis (UBA) and Data Leakage Prevention (DLP) features, including Data Intellect, to build a contextual security layer in enterprises. 

Looking a little back during the pandemic, every end-user in an organization worked from home, learned from home, and earned from home. In order to strengthen IT security, many organizations ended up making access management policies highly stringent. As a result, it became a high-friction access model, and productivity suffered a lot.

• Considering the access management scenario, organizations started to invest in laptops with authorized access licenses – it resulted in slow access with bad user experience. Even Just-In-Time (JIT) access requests take forever.

• Endpoints are the largest attack surfaces in modern IT environments.

• ARCON | Privileged Access Management (PAM) and ARCON | Endpoint Privilege Management (EPM) once deployed together offers a series of benefits. It includes: 

• Monitors access activities on the endpoints
• Helps end-users to follow IT security policies even when they are outside the network
• Application Blacklisting and Whitelisting
• Privacy Control on files
• File Monitoring (FIM capabilities)
• Data Intellect (capabilities of classifying and protecting data based on AI/ ML mechanism)
• Continuously assesses and analyzes user behaviour to find any anomalies
• Makes a strong barrier between end-users and IT assets
• Data backup, recovery and protection against ransomware

• Continuing his discussion, Anil Bhandari said that current IT infrastructure is broadly divided into on-prem and cloud infrastructure. No doubt, the necessity to protect the endpoints is applicable to both. From security perspective, organizations concentrate on IT security in five different angles:

• Endpoint Protection
• Multi-factor Authentication (MFA)
• Control the admin privileges
• Control installations, applications & data
• Device hardening

ARCON believes in securing IT infrastructure with an outcome-based model. Today, most of the applications are cloud-based, the profiles are dynamic in nature, the attack surface is huge, and there are multiple login and logout areas in the entire network. On top of that, remote security is again a demand because more than 80% of global organizations are now following a hybrid work model. Just-in-Time access, in this regard, is the best solution to ensure seamless security.

So what should we do?

According to ARCON, the best bet to establish next-gen protection is the ease of IT operations and support by securing the endpoint privilege passwords. At the same time, continuous automated analysis of every user behaviour helps in the crucial decision of whom to allow access to what, when and why. With EPM solution, organizations can:

• Authenticate end-users everywhere and anywhere while accessing critical systems
• Establish Zero trust framework with continuous assessment of end-point access
• Notify any kind of deviation from the device pattern at any point of time

The intention here is not to restrict the user from doing whatever he/she wants, but to give liberty to the end-users with a low-friction model where end-users can do whatever they want, whenever they want. This eventually enhances productivity and fast performance. 

Before wrapping up the webinar, Anil Bhandari highlighted the exclusive demands of next-gen IT security and how ARCON | EPM is adding value to the trends:

• Analyzing user behaviour with with AI/ ML-based algorithms
• Real-time session monitoring for every access even while working remotely
• Vault the privilege passwords of the device
• User authentication with continuous assessment of ‘trust’ (Zero Trust)
• Comprehensive report of endpoint access, device type and facial recognition
• User identity-based third layer of defense
• Elevation of an user based on requirement and ease of operations
• Monitoring IT threats in a real-time (when, where & how)

Conclusion

As the webinar came to an end, both Paul and Anil discussed the poll question, “What are the concerns about endpoint security?” 40% of the respondents were of the opinion that cyber attackers access servers and databases taking advantage of vulnerabilities in endpoint security.