Endpoint Security

Simplicity is the Key to Enterprise Cybersecurity

(**Editor’s Note: **Sam Bocetta, a guest author on the VMware Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography.)

In today’s digital environment, companies are increasingly seeking more and more complex security solutions to theoretically combat the rising tide of cyber threats. But although many companies in cybersecurity professionals are doubling down on this approach, it’s not always having the desired effect.

Larger organizations and enterprises that use over 100 tools for their security often find that piling on more and more security tech ends up having the opposite effect: things become slower, mistakes become more pronounced, and a million little security holes can combine into big breaches.

Ironically, cutting away the “fat”, so to speak, in your enterprise security suite might just be the way forward. A slimmer, simpler security approach can be just as effective, if not more when combating digital threats and maintaining a system’s integrity.

How Simplicity Works

So why are simpler (and oftentimes fewer) endpoint security solutions the way to go?

Firstly, simpler endpoint security solutions can emphasize efficiency while still providing capable protection. This initially benefits you by reducing the time and effort you need to spend on simply maintaining or updating various security applications or systems. Secondly, fewer systems to manage and integrate means fewer potential mistakes and, thus, fewer potential holes that can be exploited.

In fact, the research firm Garner has claimed that 99% of firewall breaches are caused not by weak security but by this configuring various endpoint security systems against one another. In this scenario, complexity literally weakened endpoint shields to the point that they became vulnerable.

Microsoft commissioned a study that further indicates that organizations with over 50 cybersecurity solutions have serious difficulty recovering from security breaches within an hour. On the flip side, organizations with just 10 cybersecurity solutions or less had much better recovery results. So not only does simplicity make it less likely that you’ll experience a breach of the first place, but it also makes it easier to recover from one after it has occurred.

How Complexity Backfires

It’s no secret that cybersecurity threats are multiplying and becoming more complex every day. As a result, many IT managers and MSP’s are spending considerable resources to improve the number and power of their security products and infrastructure. But this can end up having negative effects on overall security both in the short and long-term.

In fact, it’s becoming increasingly well known that cybersecurity that is overly complex (a security “pile” instead of a “stack”) can become increasingly cumbersome to cybersecurity professionals and hinder the efficiency and overall security of a given network. Various consoles can become far too crowded or trip over one another with an overabundance of commands, or doing basic tasks like creating a file scan might take up too much time and require passing through multiple screens.

This doesn’t even touch the fact that overly complex security solutions for enterprise endpoints can quickly become a giant headache for even skilled cybersecurity and IT professionals. Today, digital literacy is at an all-time high, with anonymous browsers like Tor and consumer-facing encrypted VPN services seeing a surge in popularity in recent years. Even so, things can still get too technical for the average user or businessperson to understand. As products become less accessible and harder to set up or manage, more problems will arise, and more mistakes will be made.

These situations and more will cost time and money from the host company as a result. Adding more security steps to any of these processes will create further opportunities for mistakes or, critically, for security holes that threats can take advantage of. As a result, many IT managers and professionals agree that modern endpoint security solutions are too complex to easily manage.

Ways to Simplify Your Enterprise Cybersecurity

It’s important that any serious enterprise security solution still takes overall viability into account. After all, a company’s data isn’t necessarily protected by virtual private networks nor firewalls, nor can it always be downloaded into hard storage all the time. Comprehensive enterprise cybersecurity must still incorporate valid technologies and systems, so don’t shrink away from choosing the best security tech you can.

Thankfully, there are a number of proven ways with which you can simplify your enterprise security, and many of them are actionable immediately.

For starters, automating whatever processes possible should be the norm. Not only does this free up manpower for the business at hand, but it also reduces the number of human fingers in the system. Fewer people pressing buttons, fewer chances for mistakes. Even the most skilled IT professionals can still make them.

You should also try to shrink your security stack and reduce the number of tools and solutions you use by a flat number based on what’s currently running. While this might feel initially painful or vulnerable, the results will speak for themselves.

Finding security products from vendors that are known to integrate well with one another is another great way to reduce complexity, particularly if the applications are among the many open source privacy tools. Doing this and orchestrating various logs for a system’s different security tools can help to streamline the entire security process and make identifying any problems that much cleaner.

Don’t forget to make everything you’re changing understandable for laymen. Those who will be using security solutions most frequently need to be up to date on new tech and processes. Keeping things simple here is a great way to reduce the frequency of errors.

Finally, remember to follow good cybersecurity hygiene practices. This includes backing up data or configuration files and using secure passwords. These minor things can often lead to big mistakes or security holes, even if they seem small enough to be irrelevant.

Conclusion

Overall, trimming down your cybersecurity enterprise solutions will result in a faster and more efficient machine no matter what the business or industry. In fact, it should be no surprise that the digital world works similarly to the physical one in this respect. 

In both cases, human flaws can easily become more pronounced if revealed with unnecessarily complex machinery. Follow the above advice, while keeping your included security tools strong, and you’ll see better results on your next evaluation.