Adding Enhanced Shields to Strengthen the Last Front: Encryption and Patch Management

Reading time: 6 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

(Article also available in German, French, Spanish, Italian, and Romanian.)

In an increasingly hostile landscape where large cyberattacks make headlines virtually every month, companies have started shifting their security defense paradigm toward gaining more visibility into the way attacks occur, and how they become targets.

After acknowledging that a breach will inevitably occur and adopting useful endpoint detection and response tools, CISOs focus on minimizing the attack surface while adding extra protection to the their infrastructure. Here’s where patch management and encryption make the difference.

Keeping valuables out of sight

A Bitdefender survey of 1,051 IT security purchasing professionals in the US and Europe showed that four in five CISOs say encryption is the most effective mechanism to secure data, followed by security software and backups. By country, encryption is most trusted in Italy, the UK and the US, but, on average, only one company in six encrypts all data.

Three in four IT security decision makers cite financial costs and reputational damage to their businesses as the worst consequences they could face if an advanced threat accesses the ‘crown jewels’.

Critical data related to intellectual property must be stored on premise, with access to it restricted and available only to authorized personnel. Any data stored locally or in the cloud should also be encrypted to make sure cybercriminals cannot read it, in case of data breaches or unauthorized access.

CISOs should avoid the risk of losing data and comply with regulations by fully encrypting the hard drive of their mobile endpoints.

GravityZone Full Disk Encryption protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault). It takes advantage of the native device encryption to ensure full compatibility and maximized performance. GZ Full Disk Encryption is integrated into the GravityZone Console and Agent, with no additional agent to deploy or key management server to install. The use of existing endpoint security infrastructure to manage Full Disk Encryption enables fully centralized deployment with minimal administrative effort.

Filling the missing bricks in the wall

While unpatched systems leave organizations susceptible to malware incidents and outbreaks, and data breaches, half of the CISOs surveyed admit infrastructure expansion has increased their company’s attack surface. Security specialists strongly advise CISOs to keep all software updated with the latest patches. Patch management tools make it even easier and help companies avoid harmful events, such as the infamous WannaCry and GoldenEye outbreaks.

The GravityZone Patch Management module supports both automatic and manual patching. It gives organizations greater flexibility and efficiency for patch management, with the ability to create a patch inventory, schedule patch scanning, limit automatic patching to admin-preferred applications, vary scheduling for security and non-security patches, and postpone reboots for patching requiring a restart. In the current cybersecurity landscape, patching OS and Applications has become a high priority for the IT team for both security and compliance. GravityZone Patch Management allows verification of patching enterprise-wide to comply with policies and regulations.

You can also read this article in the following languages: German, French, Spanish, Italian, and Romanian.