How MSSPs Can Secure E-Commerce Endpoints
… each organization to effectively secure their own networks.”
But until enough properly trained and insightful talent can be developed to create this next generation of IoT security products, how MSSPs can secure e-commerce endpoints means leveraging existing technology as much as possible. This could include next-generation firewalls (NGFs), intrusion prevention systems (IPS) and malware solutions.
“Since many modern IoT devices have limited OS stacks where remote monitoring and management (RMM) agents are tough – or impossible – to install, placing more reliance on NGFs is the next best place to enforce security levels,” said Derrick Wlodarz, president of FireLogic, an IT services firm. “Employing NGF units at all locations that can host IPS/IDS and malware filtering is a critical first defense that can also help produce logs IT pros can use to connect the dots on potential issues.”
Backing Up E-Commerce Endpoints?
Given that most e-commerce endpoints are headless devices, endpoint experts generally seem to have the opinion that how MSSPs can secure e-commerce endpoints doesn’t necessarily include backing them up. But what is more important is protecting them from exploits like phishing and ransomware in the first place — if possible.
“The reason IoT devices for e-commerce applications are so important is that they collect revenue impacting data that improves agility for the customer,” said Stephan Tallent, senior director of MSSP and service enablement at Fortinet, the security solutions provider. “Due to the headless nature of IoT devices, ransomware/malware protections cannot be installed on IoT devices. That’s why ransomware attacks that target IoT devices are becoming more common. The key to a ransomware attack is to wipe the devices and recover from backups.”
Still others believe that while traditional ransomware and malware solutions cannot be installed on endpoints, MSSPs can manage them securely in different ways.
“Endpoints are the primary target of a bad actor as they are often the path of least resistance, so it is important to make sure there is active security on the endpoints,” said Zane West, director of product management at Proficio, a global MSSP. “This goes beyond traditional antivirus solutions — most organizations are looking for a solution that has full endpoint detection and response capabilities with continuous monitoring of not only antivirus alerts but also file integrity monitoring cross-correlated with network traffic through the firewalls to detect anomalies.”
Proactive E-Commerce Endpoint Security?
When it comes to deciding how MSSPs can secure e-commerce endpoints for customers, the first thing to realize is that security is everyone’s responsibility. And the first step to understanding that is that endpoint security is not just an IT problem.
“Security presents a significant business risk,” said Ken Galvin, senior product manager, unified endpoint management business unit, Quest Software. “It should be a high business priority for IT admins and the C-suite alike to develop predefined, automated processes that can be immediately evoked in the event of a lost computer or device, data breach or employee termination.”
Beyond that, proactive e-commerce endpoint security involves more than being ready for an attack and thinking of all the possible vectors. It requires preemption, if possible, and after-attack action on any attempted or successful exploits.
“The essential elements are preventing attacks on endpoints both pre- and post-infection,” said Andy Singer, vice president of product, enSilo, the endpoint security provider. “Protect the data stored on those endpoints and orchestrate automated remediation actions — all in real time, avoiding any business disruption.”