It’s funny when I see articles around security that focus on how Anti-Virus is the key to computer security. I know that yes, the risks from malware and virus-laden attachments are a pain in the butt for security professionals, and even regular computer users, but is A/V really the key to computer security? If you ask me, it’s really about education and process than anything.
Think about it, of the major security breaches over the years, how were they caused? Most of the time it’s because someone clicked on a link that ended up breaching the security perimeter. Or it’s because a stolen laptop contained personal information. You could argue that SQL injections are a form of virus/malware, but it’s really more a dedicated attack. I’m talking about old school malware/virus attacks. Where has endpoint gone?
I think the reason that endpoint is sitting on the backburner is that security professionals realize that there are better approaches to securing a network. Whitelabelling applications is an option which limits the risk of unauthorized network traffic, and some organizations use virtual desktops to limit exposure. But again, why are we not focusing on education?
I know it is hard to change behavior, probably more difficult than most security measures. But every day there is some news about a vulnerability or breach in the news. People by nature should understand that this is how things operate in the world. It’s easier to gain access to a system through an uneducated employee than to circumnavigate all the security controls in place. So why are we still struggling with this?
I’m curious to see how organizations are dealing with this common issue.