Securing multiple operating systems on a single network? It is manageable 0 130

Many may think that companies exclusively use Windows devices. However, while it’s the most widespread operating system, it may not be the most suitable platform for all company needs. The current market share of operating systems in Kenya shows Android at 53% of the market, Windows at close to 28% of the market, OS X at under 5%, IOS close to 3% and Linux below 2%. Thus, it’s quite common to have an IT team monitoring the security of five different operating systems—Windows, Linux, Mac, Android, and iOS. However, the accompanying complexity may lead to certain cybersecurity risks that must be addressed.

ESET’s longitudinal data suggest that most large companies have at least one Mac computer. There are two reasons for the presence of Mac computers in the corporate ecosystem. Macs have long been highly sought by people employed in creative jobs—for example, in internal graphic teams, architectural firms, or advertising agencies—because the architecture of the Mac operating system is particularly suited to graphic design. In all these cases, Mac is used because of a clear business need. In other cases, it is mainly a matter of personal preference of employees or the management who choose Mac; for example, because its user interface suits them better or exclusively because of its high-end design.

Mac as a carrier of malware

Many users believe that the Mac operating system is inherently safer than Windows. However, this is a distorted view caused by the fact that attackers focus on operating systems that are deployed on a broader scale, which in turn enables them to make more money either by stealing it, or by monetizing stolen data. However, there are many examples of Mac malware and users should not fall into a false sense of security.

One way that attackers leverage Macs is by looking beyond their value as a potential end-targets, but instead, as carriers. Yes, Macs can be used to introduce malware that is not targeted at the Mac platform itself and deliver it to an otherwise secure network. If the Mac computer in question is not protected, it can transfer Windows-targeted malware onto Windows devices within the company’s network—the malware connects to the network, bypasses the network firewall or sandbox, and the corporate network gets infected. The same applies to Linux and Android devices that can be potential carriers of malware as well as targets.

Mobile devices: iOS is more secure

The situation is different with respect to mobile devices. The iOS platform for Apple mobile devices has been designed to be safe via its internal structure. In iOS, each application runs in its own sandbox with very limited rights for interacting with other applications. The application does not have the access rights unless the user explicitly grants that permission. It’s different from Windows where each application runs primarily under the system account, thus receiving access rights for the entire system. The reason why there are no security applications for iOS is that this type of application would have access rights only for itself. It could scan itself and maybe photos and contacts. Apple also performs whitelisting in its application store in an attempt to prevent harmful items entering. For these reasons, iOS could be described as a safer operating system. However, this does not apply if a jailbreak has been performed on an iOS device. Jailbreaking is a process that disables certain security features.

Security risks also arise when a corporate mobile, is stolen or lost. In this scenario, iOS is not immune from risk since an employee’s device may contain business emails, valuable contacts, and photos from internal meetings because people often take pictures of the meeting notes. In other words, there is a lot of potentially sensitive data on employee devices that is not always efficiently protected. For example, when employees do not set a PIN, or use a weak PIN on the device in question.

Companies can enforce security policies cross platform

How does a company know whether a corporate device is jailbroken or whether an employee has set up an effective PIN to protect access to their Apple phone? Companies can do this using Mobile Device Management (MDM) solutions; for example, ESET Mobile Device Management for Apple iOS. The iOS system uses the Apple Mobile Device Management framework, and in some countries the Device Enrollment Program (DEP) is available as well. In this scenario, the company buys an iOS device pre-enrolled within its organization. When the device is turned on, it connects directly to the company’s MDM solution and installs a security profile based on the company’s specifications.

The company can define what security settings or state it requires for a device; for example, to confirm that a device is not jailbroken or that a secure access PIN code is deployed containing at least 6 characters (or alternatively a fingerprint lock) and the employee changes it at reasonable intervals. If a device does not meet these requirements, the company can remotely disable access to corporate email or restrict other device functionality. Further, it is also possible to localize the device, flag it as lost and thenremotely wipeit. This is useful, for example, when a corporate iOS device is lost or stolen or if the company discovers that the employee has been leaking sensitive company data.

Android really needs a security application

The Android operating system is more open than iOS, which is the primary reason why a security app should be used on all Android devices. Just as with iOS, an employee’s Android device can contain sensitive data, emails, and photos. There are several MDM solutions available for Android that enforce specific security policies on corporate Android devices.

For example, there is Android for Work, i.e. the native Google ecosystem. Alternatively, there are solutions that run with administrator privileges within the device. An example of such an application is ESET Endpoint Security for Android that contains not only MDM functionality but also multi-layered security features such as protection against malware and anti-phishing. The Google Play store, which is the main source of Android apps, has less stringent rules than Apple’s app store; therefore, sometimes, attackers are able to upload malicious apps. Thus, an Android device without a security app installed can get infected even when the employee’s behavior is neither risky nor unsafe.

Diverse operating systems require Integrated management

All company devices with the ESET MDM solution or ESET security program installed can be monitored remotely from the ESET Security Management Center web console. The operating system of those company devices is irrelevant—it could be Windows, Mac, Linux, Android, or iOS. This remote management console informs the administrator about the security state on the device in question and can help warn the company about unwanted or suspicious activity.

Complete network, hardware, and software visibility

ESET’s remote management console can also provide the administrator with a lot of information about possible security incidents in the network, the hardware of individual computers, such as their manufacturer, model, serial number, processor, RAM, disk space, and much more, and installed software including version numbers and additional details.

ESET Security Management Center comes included as part of all ESET enterprise-grade solutions.

To find out more about ESET Security Management Center and to book a FREE in-house cybersecurity training session for your organisation, please sign up below.

Previous ArticleNext Article

Interview: Addressing the Six Biggest Cybersecurity Challenges for Enterprise 0 212

cybersecurity challenges enterprise
Ken Kimani, Channel Manager of ESET East Africa, introduces the 6 biggest cybersecurity challenges for enterprises

Enterprises are under constant attack from cybersecurity threats resulting in the loss of millions in revenue annually. Factors such as ransomware, targeted attacks, insufficient network visibility, various operating systems in an organization, bad security behaviour among office staff, lack of skilled cybersecurity workforce and the level of tolerance among staff are the major causes of cyber-attacks in the country.

To mitigate these issues, ESET East Africa offers free training, suitable for all skill levels to help educate enterprises on the importance of cybersecurity.

Subscribe to our newsletter to find out more about this training, our enterprise offering and to follow our series on the 6 Biggest Cybersecurity Challenges for Enterprises.

 

ESET East Africa launches a new line of enterprise security solutions 0 679

ESET Enterprise solutions

ESET, the leader in cybersecurity research and a top European Union-based endpoint security company, announces the launch of its new line of enterprise security solutions designed to provide the global enterprise sector with tools for prevention and management of cyber risks on a global scale.

ESET East Africa is raising its game with the introduction of ESET Dynamic Threat Defense, an off-premise cloud sandboxing solution providing almost instant analysis of zero-day and ransomware threats before they reach the network.

As recently reported by Forrester[1], buyers want an “endpoint security suite that consolidates capabilities and minimizes complexity when possible.” ESET East Africa’s new line of cybersecurity solutions meets this demand and offers something extra.

The new line of enterprise security solutions also welcomes the brand-new ESET Security Management Center, a revamp of the renowned online console ESET Remote Administrator. This online console provides not only complete network visibility and full security management via one single pane of glass, but also fully customizable reporting and single-click threat remediation, adding important complexity-minimizing elements to the whole suite.

“We understand global enterprise increasingly requires cybersecurity solutions that are more tailored to their specific needs, because we cooperate with a large number of them at the country level,” explained Juraj Malcho, Chief Technology Officer at ESET. “Get your hands on our latest offering and you’ll see how easily manageable an enterprise security solution can be.”

The ESET Endpoint Protection solutions offer enterprises increased visibility of the alerts being sent to ESET LiveGrid® – a platform made up of 110 million sensors worldwide and verified by ESET research & development centers. This allows customers to have the highest level of confidence when viewing data and reports within their consoles.

ESET East Africa offices are based in Nairobi to offer local support to our ever-growing partner base in the East African region. As part of our commitment to the growth of our partners, we are fully focused on servicing our channel. As an ESET East Africa partner, you will benefit from our technical, sales and marketing expertise to assist with deal closure, technical support and onsite training.

ESET East Africa’s new enterprise products and services are designed to be seamlessly deployed in parallel with the existing ESET enterprise offer. For more information about this offering, visit our website.

[1] The Forrester WaveTM: Endpoint Security Suites, Q2 2018 report