5 reasons why network security is just as important as endpoint security

Would you say the company is safe if its employees use laptops without anti-malware software installed? Most businesses would say this is an irresponsible practice. So why do many businesses have no protection at all for their websites and web applications, and why don’t many MSSPs provide any kind of web application security services to their customers?

“Antivirus” (an anti-malware solution) is seen as a standard element of a Windows installation — it’s rare to see a computer without it. Strangely, however, many businesses just set up a website or web application and feel completely secure without paying attention to whether it’s secure, and many MSSPs don’t provide any security for their web properties at all. This is all the more surprising because web-accessible databases often contain more sensitive data than a typical office machine, such as customer personal information.

Here are five reasons why you, your MSSP, and your customers should take web security as seriously as personal computer security and endpoint security.

Reason 1. Migrate to the cloud

Twenty years ago, websites were just simple, mostly static displays—digital billboards in a sense. For example, today, many of us are creating documents online rather than using a desktop word processor—often the only software installed on our Windows machines is a browser. Even with some other software, like Slack, it uses a web interface to communicate with the server. Companies use their own servers less often. For many employees, desktops and laptops are basically thin clients that exist only to give them access to the network.

This means that antimalware basically protects an empty computer with no special software, just a browser. The only major risk to such a computer being attacked is whether the attack can steal the login credentials for the web application.

On the other hand, all the data, all the business support software, and everything else is on the web or coming soon. And, unfortunately, it’s often completely unprotected. So while 20 years ago personal computer security was much more important than network security (since the network was hardly used), now we can even say that network security has become more important than personal computer security.

Reason 2. Ease of Attack

A successful attack with malware requires a lot of work. Even if attackers use off-the-shelf malware, such as the well-known Trojan horse, they still have to deliver that malware to the victim. This means they have to, for example, create a convincing phishing site and a convincing phishing email and get people to install the Trojan. Even after the victim has installed malware, the attacker may find the victim’s computer completely worthless since the victim is usually random.

On the other hand, it is much easier to conduct a successful web attack, and there are free and easy-to-use tools that make it easier for attackers. All they have to do is point a tool to your website, which acts like a vulnerability scanner, finding weaknesses and allowing attackers to exploit them right away. This attack has a high probability of success because the attacker targets a specific victim and knows that the victim has valuable information.

Digital criminals love to make their lives easy. Why create mindless, sophisticated phishing campaigns in the hope that when they can execute a simple, automated, targeted attack with immediate results, they might end up with some valuable data?

Reason 3. No outside help

If your customers use a reputable cloud service provider to host their email accounts, they can feel fairly safe because they have an anti-malware solution on the server that eliminates potential threats before they reach the computers your employees use potential threat. That means email doesn’t need a local antimalware solution at all.

On the other hand, most web hosting providers do not perform any vulnerability scans on the content they host. This means that the responsibility for protecting network assets for customers rests entirely with the MSSP.

Reason 4. Probability of Attack

As mentioned, most of your clients have server-side anti-malware solutions for all of their email needs. This can be done with a well-known cloud email provider that offers server-side anti-malware or your MSSP service. As a result, the likelihood of generic malware spreading via email is virtually nil.

The chances of getting a virus from the website your customers visit are also low. This is because browsers don’t install anything on your computer unless you give explicit permission. Additionally, employees typically do not visit risky websites that could spread malware. So even if your clients’ desktops and laptops don’t have anti-malware installed at all, the chances of getting malware on an office machine are very low.

On the other hand, your customer’s website or web application is much more likely to be the target of a general attack. This is because black hat hackers simply use automated software to scan available websites and then scan them for vulnerabilities. If your clients use any kind of open source web software with plugins like WordPress, Joomla, Drupal, Magento, etc., they are most at risk as these plugins usually come with lots of vulnerabilities. Remember: unlike an office laptop, your client’s website or web application is public and anyone can access it and try to hack it.

Reason 5. Becoming an accessory to a crime

If, as a result of a malicious attack, your customer’s business becomes an adjunct to crime, the consequences can be more severe than those of a direct attack on that business. This could damage your customers and your reputation, and could put both businesses at significant risk. Therefore, any form of attack protection must also take into account the possibility of someone using your customer’s resources to attack someone else.

The goal of malware-based attacks is often to install botnet software. Such software is then used in large-scale DDoS attacks against other entities. Attackers may also install rogue VPN solutions, which can then be used to hide the attacker’s original IP address.

However, web applications can also become attachments. For example, if a web application has a cross-site scripting (XSS) vulnerability, this vulnerability could be used to create a phishing attack that appears to be coming from your customer’s domain. And the scope of such attacks is much larger than that of botnets, which are used to attack a single target at a time. Phishing campaigns can be sent to millions of targets who will then all see your trusted domain and potentially fall victim to the scam.

So if you don’t want to risk your reputation, you should make sure that your customers’ websites and web applications don’t have any vulnerabilities that can be used to attack others. The only way to do this effectively is to use a network vulnerability scanner.

Guest Swamp is provided by Invicti, an international web application security company headquartered in Austin, Texas. See more Invicti guest blogs here. Regularly contributed guest blogs are part of the MSSP Alert sponsorship program.

Leave a Comment

Your email address will not be published.