News in the Channel - issue #21

ENDPOINT PROTECTION

Challenging silos

Samantha adds that currently too many cybersecurity tools are siloed. “Therefore, channel partners should be highlighting exposure management practices to provide organisations with a holistic view of their endpoint security and a clear understanding of their attack surface,” she says. “With security products and services constantly advancing, channel partners should tailor their solutions and services to fit their customers’ requirements. Avoid overwhelming them with a multitude of features they will undoubtedly never use. Instead, offer valuable services that educate where necessary and provide insightful logs and actionable intelligence regarding their endpoint security and specific requirements.”

Jonathan Wright, director of products and operations at GCX, agrees. “Aside from the overlapping costs, the solutions may limit visibility and introduce gaps between tools for cybercriminals to exploit,” he notes. “For MSPs to help organisations cover the expanding and fractured attack surface, they need to provide cloud security and zero trust architecture in a single stack to reduce gaps between tools and increase visibility.

“With 94% of organisations now deploying cloud solutions, a single stack solution has become increasingly central to provide visibility beyond just on-site endpoints and enable network-wide visibility and control via integrated XDR solutions. A zero trust approach then helps organisations go that step further to constantly monitor user behaviour across their estate, helping to tighten security across the stack and minimise threats.”

Jonathan adds that with BYOD policies and remote working becoming the norm, the number of endpoints expands beyond the traditional confines of the office. “This means that achieving complete visibility into network activity and constant attack surface monitoring is key to threat detection.
“Resellers should be highlighting how solutions integrate with the customer’s wider security suite, what the management layer looks like and whether a single stack approach may help remove older standalone services.

“We are beginning to see cloud-based security solutions take over, like Secure Access Service Edge and Secure Web Gateway, which can form part of a zero trust security strategy. With so many organisations rooted in the cloud and the rising volume and sophistication of threats, comprehensive cloud-based security architecture is central to ensuring external attack surfaces are effectively monitored and networks are kept safe.”

Specialised for MSPs

There are also endpoint protection solutions tailored for MSPs to offer to their customers. “There are some excellent options on the market,” says Karl. “As an MSP, we recommend the Microsoft Defender for Business bundled with the Microsoft 365 Business Premium.

“Microsoft Defender for Business is a suite of products including Microsoft Defender for Endpoint, Microsoft Defender for Office and Microsoft Defender for Cloud Apps.

“Microsoft Defender for Endpoint integrates with the plethora of other Microsoft security products. It provides a more rounded and robust level of protection.

“What’s more, it comes with the ease of use that Microsoft is known for while also having access to the latest security settings and features companies may be looking for. The move towards subscription software solutions means that it's easier for businesses to have the latest protections in place continually, and they can be easily scaled up as and when needed.”

Keegan adds that most endpoint solutions support ‘multi-tenancy’ – they have functionality for MSPs to serve multiple customers simultaneously. “The economic advantage of using a security provider versus building your own internal security team is that most security providers design their operations to work with small and medium businesses, and they represent a large share of the market,” he says.

Kevin Reed, CISO at Acronis, says that a particular trend is ‘living off the land’. “This is when attackers do not deploy malware at all but instead use legitimate tools, often supplied with an operating system, to achieve their goals,” he says. “For example, in-memory PowerShell execution is a common tactic for advanced attackers nowadays.
“Protecting from these kinds of threats requires a new class of defensive software like EDR that relies not on detecting malware, but on behavioural patterns, even when standard tools are used.

“Advanced Security + XDR is a perfect solution for MSPs, as it offers complete, natively integrated protection built for them to swiftly prevent, detect, analyse, respond to, and recover from incidents across most vulnerable attack surfaces.”

Keegan Keplinger

New detection approaches are constantly emerging but implementing them can be tricky unless your customer is able to adapt.

Jonathan Wright

Kevin Reed

www.newsinthechannel.co.uk
