By Phil Reed, Head of Pre-Sales, Comtec

There are a number of challenges and threats that business face when it comes to security.  Externally there is the threat of disruption and access to data through viruses and ransomware. Internally there is the threat of disgruntled staff taking company contacts and data to new employers when they leave, or inadvertently giving cyber attackers access to the company network by opening a file or clicking a link.  Procedurally there is the spectre of GDPR hanging over the company. Does your company really know what personal identifiable information (PII) is stored where throughout the organisation? Do you have true control of it so you can prove that as part of GDPR compliance?

Traditionally, these challenges were controlled by a number of disparate cyber security systems on central servers. They would look for infiltration, external forces hacking and accessing data.  Increasingly, the risk of exfiltration, the unauthorised extraction of data via staff whether deliberate or through negligence, has needed to be monitored and controlled.

The advent of GDPR has added another element of complexity into the mix, highlighting that organisations might not know where PII is actually kept. What was accepted practice in the past – keeping this data on spreadsheets or desktops instead of secure servers – could now expose you to reprimands or hefty fines from the Information Commissioner’s Office (ICO).

So, is it time to adjust the approach to cyber security? There’s no disputing that an overall, multi-layered approach is best. But what about going back to basics and focusing on endpoints and devices? If they are as secure as they can be when they’re installed, surely this will only strengthen your security posture?

Endpoint protection solutions have been around for some time and many anti-virus products are migrated onto them with central control from an on-premise server.  This control has now moved into the cloud and the endpoint solutions have been extended to support multiple agents collecting data.  With the ability to store this data in the cloud and analyse it using machine learning and AI resources the endpoint is now part of a platform providing multiple solutions and services. This includes the rapid detection and protection against previously unseen threats (the bane of most AV solutions).  The solution gives limitless visibility of everything happening on the endpoints.  It enables dashboards to give visibility to security incidents, visibility of access to critical information and show what network resources and applications are being used.

As with all things cloud this is available to companies at a per agent per month reasonable cost rate.  So, protection and GDPR compliance becomes available to all without large up-front investment costs.

While we’re all talking about the benefits of cloud, this is just another example of the cloud making enterprise features available for all organisations at a reasonable operating fee.

Cyber security is only growing in importance and can be a challenging landscape to navigate. However, with the right partner and by focusing on the basics, businesses can successfully mitigate risk and protect themselves.

For more information on how to protect your organisation’s personal and sensitive data, click here.