In almost any organization, power users working in data science, engineering, product design or creative design typically process vast amounts of data to get their job done. As a result, these users are prime targets for bad actors intent on exfiltrating an organization’s data or extracting a ransom for the safe return of stolen or encrypted data.
This article looks at some of the lesser known vulnerabilities facing today’s power users and offers prescriptive advice on how to help ensure that these users don’t become the weak link in enterprise security efforts.
For decades, the No. 1 IT priority has been network and device security. The increasing number of threats targeting endpoint devices has been compounded by the evaporating network security perimeter, largely due to the dispersal of workforces initiated by the COVID pandemic. A recent IDC study found that the percentage of work-from-home employees jumped from 6% pre-pandemic to 53%,1 and in many cases, threat actors have actively targeted mobile power users, who often have access to business-critical information and valuable data ripe for ransomware attacks.
The number of attack vectors for endpoints is also growing. Besides phishing and ransomware, power users are being targeted by business email compromise and other malware infections that attackers hope will spread laterally throughout the organization. Regardless of the attack vector, IT organizations’ main endpoint security fears focus on data breaches and exfiltration and malware with good reason: IDC’s U.S. Managed Security Services/Managed Detection and Response Survey found that 90% of respondents had sustained at least one security breach in the past 12 to 24 months.2
The lack of network perimeter security for mobile power users has led IT professionals to increasingly adopt new strategies such as the zero trust approach to endpoint security, which eliminates the default assumptions of trust between endpoint hardware, data, applications and network resources. Zero trust can help reduce attack surfaces and speed up incident response when evicting attackers from the network. However, one area of endpoint security is often overlooked: firmware, which was the target of the LoJax attack.
The World’s Most Secure and Manageable Workstations
Threats to information security continue to grow in frequency, variety, and scope. Read this paper to learn how hardware-enforced security in every device is critical to the overall protection of your business.
Download NowBecause firmware is below the operating system stack, endpoint security software may not be able to establish whether firmware has been compromised, which can lead to a power user’s PC becoming exploitable. Also, because corrupted firmware resides in nonvolatile memory, rebooting or power cycling the infected device has no effect. This type of attack is insidious, offering attackers the highest privilege level from which to launch new attacks, including modifying security software settings unbeknownst to the user.
However, power users can help defend against firmware attacks by ensuring their PCs include a Trusted Platform Module and designed-in security features such as the HP Wolf Security for Business, which is included in every Z by HP workstation and HP business PC. The security suite helps ensure the security of power users’ PCs by protecting firmware, continuously monitoring critical system resources, and returning corrupted OS, drivers and applications to their last approved images. It can even detect when a PC case has been opened to prevent tampering.
To learn more, click here.
1 “Holistic Endpoint Security Requires Built-In, Hardware-Based Defenses,” IDC, March 2021
2 IBID
