According to a study conducted at Black Hat USA 2015, security experts are most concerned about the endpoint. Endpoints, they say, are the greatest security risk because they require a uniquely delicate balance of security and productivity.
The survey also covered other security concerns and how they affect enterprises. The majority of those surveyed (90%) acknowledged that disabling flash would make their organization more secure. However, 41% said it would decrease productivity. Only half of those surveyed implement patches for software vulnerabilities within the first week. For some (22%), it takes a month to get this done.
Keeping the Endpoint Strong
Endpoints are arguably the most important component of security. With so many ways to access the network, there is a greater threat for intrusion and therefore increased vulnerability for your enterprise. A Forbes article explains endpoints remain at risk even when organizations prioritize network security solutions. Furthermore, endpoints are critical for real-time detection and response to cyber attacks.
Endpoints are equally important for SSL Certificates. Specifically, if the endpoints are configured incorrectly or not using the most up-to-date security protocols, you could be leaving your organization at risk for attack or vulnerabilities.
Analyzing SSL Certificates and Server Configurations
DigiCert created a tool designed to inspect your certificates for these exact certificate issues. Certificate Inspector scans the network for certificate vulnerabilities as well as endpoint vulnerabilities, such as BEAST, BREACH, Heartbleed, FREAK, weak cipher suites, and more. Certificate Inspector is kept up-to-date as vulnerabilities are discovered, so you can consistently rely on the tool to help you manage and monitor your SSL Certificate health.
Certificate Inspector also assigns a grade (on a scale of F to A+) based on endpoint security. At any given time when you sign in, you can see your certificates at a glance and their invididual grades. Dive deeper by viewing each certificate individually and learning specifically what needs to be done in order to bring the grade and security up.
Complete security does not start and end with SSL—instead, it’s an entire management process of monitoring, inspecting, deploying, and updating endpoints, hardware, software, and SSL Certificates. Certificates are just one part of the enterprise security puzzle, and endpoints may warrant more close attention to ensure your company stays safe.