The typical enterprise today has, on average, 20 to 50 percent more devices connecting to the corporate network than IT managers expect, oftentimes including devices that their written security policies expressly prohibit.
So says Sandeep Kumar, principal solution marketing manager for ForeScout, who warns that organizations need to know what each individual endpoint is that connects to corporate resources, who is using that device, where it is connected to and from, how it's connected, and what's running on the device. By cataloging that information on endpoints, organizations can more easily track users and risks, as well as react quickly if they detect indicators of compromise or any other types of malicious activity.
In an interview recorded at RSA Conference 2015, Kumar also details:
- The need to keep better track of all endpoints on the network and continuing to scan for any signs of infection;
- How to ensure that security policies are automatically applied, whether computing resources are connecting to the enterprise network or from outside the network;
- What preparations will speed breach response if attackers do gain access to enterprise devices, and how to make breach response as automated as possible.