As the sophistication and destructive potential of today’s cyber threats continues to grow, it’s no surprise that MSPs seek increasingly powerful and complex security products. However, they need to be careful. A common complaint from MSPs is that endpoint protection solutions have become more and more cumbersome to use. This significantly hinders efficiency and increases the difficulty of securing their clients’ network.
As security vendors add functionality, administrative consoles become crowded with settings and commands, making it harder to properly configure the settings that help protect SMB environments. Just making a minor change, like creating a file scan exception, can require slogging through a half-dozen screens. A basic task that should take no more than a few seconds of an MSPs time becomes a laborious, time-consuming multistep process.
Even worse, adding more steps to a process increases the chances of making a mistake. At best, MSPs then have to backtrack to figure out what was missed. At worst, misconfigurations are set by inadvertently skipping a critical step and unknowingly exposing the network and users to cyber threats. So, it should come as no surprise that in a recent VIPRE survey, 67% of IT managers and professionals agreed with this statement in reference to endpoint security solutions: “They have become too complex to easily manage.”
Simplicity = Greater Security
An endpoint security solution that emphasizes management simplicity not only saves time and effort, it also greatly reduces risk of misconfiguring the solution’s settings. Misconfigure a business application and a client might experience slow performance or disabled features, but misconfiguring a security tool can be much worse, as a vulnerability could be created that cyber attackers can exploit to deliver malicious payloads and steal valuable business data.
This is not just some theoretical problem that seldom crops up in the real world. Research firm Garner projects that 99% of firewall breaches and 75% of mobile breaches will be caused by misconfiguration.
Furthermore, misconfiguring applications other than security tools also poses risks. In 2014, a misconfigured Oracle database at bond insurer MBIA exposed customer account numbers, balances and other private data. And the following year, Infosecurity Magazine reported, “A router misconfiguration at United Airlines grounded more than 90 aircraft at US airports for over two hours—causing widespread disruption to flights and negative publicity.”
Clearly, adding complexity to security solutions in pursuit of greater functionality isn’t the answer, it just complicates things by making the products less accessible and more difficult to set up and manage. Ironically, such vendor attempts to help organizations improve their security stance can actually have the opposite result. Adding functionality without regard for proper integration into the security solution increases complexity...and the risk of misconfiguration.
The dangers of configuration errors extend beyond security considerations, including the likelihood of monetary losses resulting from diminished productivity, remediation and legal feels. At a time when businesses are intensely focused on reducing operating expenses and improving efficiency, any solution that hampers productivity and boosts costs is particularly undesirable.
Conclusion
Deploying an endpoint protection solution that is so complex that it undermines the ability to effectively configure it is inherently counterproductive. MSPs are under constant pressure to combat the increasing sophistication of today’s cyber threats, but any security solution selected must combine state-of-the-art capabilities with the management simplicity needed to easily ensure the protection SMBs need.
Guest blog courtesy of VIPRE Security. Read more VIPRE Security blogs here.