Let’s talk endpoint security in the age when the corporate security perimeter not only dissolved into the cloud, but also engulfed employees’ home PCs and networks. Enterprises have been cautiously observing such trends, often in the context of BYOD or BYOPC initiatives. The sudden and ruthless arrival of COVID-19 caused organizations to directly confront the risks of infected user-managed systems from accessing sensitive company data and resources.
Employees today are forced to work from home. COVID-19 forced many enterprises to accept the risk of such work occurring on employee-owned systems, because there has been no time to plan an alternative approach. This set up makes it much easier for attackers to compromise resources: Instead of going after company-managed systems, they can pursue “softer” targets such as employees’ PCs.
How can the organisation protect itself against such risks while avoiding the burden of completely overhauling its approach to equipment provisioning? Deploying the endpoint security products designed for the enterprise turned out to be impractical:
- Operations: The variety of hardware, OS, and application options on home PCs are huge. It’s very costly and impractical for enterprises to support all the permutations.
- Privacy: Employees feel uncomfortable allowing their employers the same level of monitoring of their home PCs as they might accept on company-owned systems.
In today’s work-from-home reality, enterprises are limited in the security controls they can deploy. It’s good to start with baseline measures such as VPNs, VDI, and 2FA, but how might they protect employee-owned given the operations and privacy challenges above? Minerva’s customers found our install-free endpoint protection particularly well suited for this.
Minerva’s technology allows organizations to activate their endpoint protection only when the person interacts with company IT resources during the VPN session. This protects the company from the risk (such as ransomware, screen-recording, keylogging, and other modern evasive threats) of an infected home system posing a threat, without having to take on operational support burdens and while respecting users’ privacy.
Minerva’s approach to protecting unmanaged endpoints, which is especially useful in today’s COVID-19 reality, is uniquely effective and practical. Minerva’s Remote User Protection software integrates with the organization’s VPN (or other applications such as VDI) via the security policy typically called host checker. This allows the VPN to activate Minerva’s endpoint security software on the PC without a permanent installation. Minerva’s software is automatically deactivated when the VPN session is done.
Minerva’s Remote User Protection offers the benefits of advanced endpoint security in a click of a button without installation, without changing the end-user’s workflow, without requiring administrative privileges on the system, and without compromising the employee’s privacy. In this setup, the organization's existing VPN tool to do what it does best--safeguard the confidentiality and integrity of the encrypted network tunnel). Minerva’s software protects the endpoint during the VPN session, offering the following benefits:
- Protect corporate IT and data assets from a variety of malware threats that would otherwise put the enterprise at risk.
- Integrate with the organization's VPN or other software to launch malware scans and, if necessary, terminate the VPN connection from a compromised system.
- Operate seamlessly, without slowing down the person’s system and without conflicting with other software that might be installed there.
As the world embraces remote work beyond the initial BYOD paradigm, enterprises look for ways of protecting themselves from the personnel interacting with sensitive company data from infected, unmanaged systems. Traditional endpoint security solutions, which are designed to protect corporate-managed systems, aren’t designed to operate on employee-owned PCs. Minerva’s unique Remote User Protection is built for such scenarios, helping organizations conduct business even when supporting employees’ work-from-home preferences or requirements.
We will be happy to show it to you in action - book a demo here.