The hybrid working adoption forces Romanian organizations to rethink their IT security architectures. After two years of pandemic and with 80% of employees swinging between home and office, traditional tools and approaches are no longer sufficient to protect users. Datanet Systems proposes a new approach, based on technologies that allow both proactive threat response and automation of specific operations. Therefore, this new architecture brings not only improved protection but also more efficient administration.

 

 

Over 80% of Romanian companies will allow employees to work remotely this year as well, according to the HR Barometer conducted by PwC Romania. However, the change in the way of working forces the organizations to rethink their IT security architectures in order to cover the increased attack surface. “TeleEmployees”, as they are called by Law 81/2018, which regulates remote work, access the companies’ data, applications, and services outside the traditional perimeter protection systems, which leads to an increasing level of exposure to security risks. Contributing to this is the fact that employees now enjoy the freedom to use their own devices – such as PCs, laptops, smartphones or tablets – for professional purposes, without the surveillance of the IT department. The savings made by such companies, by accepting the “Bring Your Own-Device” model, are costly for IT departments, which have to manage a heterogeneous work environment, consisting of dozens or hundreds of different terminal equipment, running various operating system’ versions.

To overcome these challenges facing most organizations today, Datanet Systems proposes an integrated cybersecurity approach, through an architecture based on Cisco solutions, capable of providing protection on multiple levels: users, equipment, and network.

The first application recommended by Datanet specialists is Cisco Secure Endpoint, which ensures the protection covers terminal equipment: desktop, laptop, tablet, mobile phone, etc. The Cisco solution consistently outperforms performance tests – an effective protection level of over 97% and a 99.9% success rate in threat detection – and stands out with a number of competitive advantages of its own, which strengthens its leadership position in the market for Endpoint Security solutions.

 

Simplify security operations

To control security risks, many organizations use multiple security tools from different vendors. However, instead of ensuring an improvement in the level of protection, it generates an increase in the complexity of security operations, having centralized management much more difficult or even impossible. This reduces visibility, making real threats difficult to detect, and decreases the effectiveness of remedial measures, which are hard to synchronize and correlate by accessing multiple management consoles.

The Cisco solution eliminates these risks by delivering the needed functionality to simplify administration from the start. Thus, Secure Endpoint provides:

• Continuous analysis of security events;
• Retrospective detection of threats that managed to bypass the protection measures;
• Detection of compromised equipment and applications by monitoring the threats’ trajectory;
• Analysis of potentially risky files in isolated environments, which reproduces real terminals (sandboxing);
• Automatic detection and notification of vulnerabilities of the terminal equipment.

Additionally, Secure Endpoint natively benefits of advanced integration capabilities, being one of the core components of Cisco XDR (Extended Detection and Response) platform, a pre-integrated suite of IT security products that brings together five of the most effective applications and Cloud services in the company’s portfolio (Secure Firewall, Secure Email, Secure Endpoint, Umbrella, and SecureX). Through SecureX, the XDR platform provides centralized cloud management of all Cisco solutions and also facilitates integration with other vendor security applications (Splunk, Palo Alto, Fortinet, RSA, LogRhythm, IBM, etc.).

 

Increase the effectiveness of threat response measures

As stated, the adoption of the hybrid work model increases the workload of the IT departments, which needs to control more security risks in a heterogeneous work environment. However, there are requirements that can be covered by the many automation features and advanced detection and response capabilities provided by Cisco Secure Endpoint.

As an example, the Cisco solution natively integrates Threat Intelligence services and Machine Learning algorithms that simplifies the detection of new threats. Thus, when a potentially risky file is reported or identified, Secure Endpoint automatically performs a retrospective analysis, detects compromised terminals, and quarantines them – automatically or following an administrator’s decision, until appropriate remedial action is taken.

In addition, as part of the XDR platform, Cisco Secure Endpoint natively benefits from contextual information that is automatically collected and correlated from multiple sources (terminal equipment, servers, network infrastructure, applications, cloud environments, etc.). Using this data, the SecureX platform can be used to define automated response actions by orchestrating and automating workflows and security operations.

Last but not least, the Premier version of the Cisco Secure Endpoint solution provides access to advanced Threat Hunting features, through which over 50 Playbooks for cyberattacks are run daily in the Cloud, based on telemetry data from the client’s computers, generating results that are analysed by a team of Cisco cybersecurity specialists. If a threat is identified, the client receives a notification that includes a description of the threat and its behaviour, the possible impact it may have, and a set of recommendations to investigate the threat and remedy its effects.

Benefits of collaborating with Datanet Systems

In the context of the new wave of threats, IT security is an issue that cannot be neglected by any organization. Cisco Endpoint Protection offers many security features, as well as multiple possibilities for automating threat detection, prevention, and remediation processes. However, configuring and customizing them requires advanced skills in Cisco technologies and security solutions, as well as IT system integrator skills.

Datanet Systems meets all these conditions – we are the Cisco partner with the largest team of certified specialists in Romania and we have numerous active projects implemented in the field of critical security infrastructures. Our experts can provide a full range of services, through an integrated approach to end-to-end security, ensuring the protection of end-users and the endpoints, applications and data found or running in on-premises infrastructures, and in the Cloud.

For more technical and business information about Cisco Secure Endpoint and Datanet services, contact us at sales@datanets.ro.

______________________

Note: Original article published on profit.ro – here.