Surge in Remote Working Highlights Growing Need for Network Traffic Analytics

As bad actors ramp up phishing campaigns against remote workers, Chief Information Officers (CIOs) across the globe are finding that their employees are using previously undiscovered computing devices daily or weekly.

A global study of 750 IT decision makers sponsored by Tanium reveals that 57 percent of CIOs worldwide worry that a lack of visibility and control of endpoints – such as laptops, servers, virtual machines and cloud applications – are making their organizations more vulnerable to hacker attacks.

54 percent of respondents say adding solutions and environments without permission from the IT department is the biggest challenge in controlling their IT environment. Enterprises everywhere are experiencing this problem and are exposing their networks to data and privacy breaches. Researchers say these risks are set to escalate as stay-at-home orders extend not just in duration, but also in scope.

CIOs expect the volume of unpatched devices to increase due to the growing complexity of IT systems, forcing them to implement an average of 38 separate security and operations tools to manage their IT environments. But an overabundance of security appliances limits the effectiveness of already-siloed teams, while IT departments drown in false alerts and have even less visibility into the estate.

22 percent of IT decision makers say their employees are clicking on malicious links, presenting a major challenge in maintaining control of the IT environment. And 34 percent say some departments have taken matters into their own hands, without permission, and have implemented their own tools, causing endpoint visibility gaps as well as potential inconsistencies with local data protection laws.

Luckily solutions exist to address this hurdle. Bitdefender answers this problem with its Network Traffic Security Analytics offering. NTSA’s breach detection capabilities extend to every endpoint in the enterprise network. By focusing on the network behavior of endpoints, it can protect devices with limited or no built-in security capabilities and no endpoint security agent running on top. By using network traffic as its source of information, NTSA detects threats immediately as endpoints deviate from normal behavior, whether due to an external source or an internal malicious attack. Detection is also effective against both generic and advanced persistent threats, as well as threats never seen before. Incident alerts are automatically correlated and triaged for greater efficacy in security operations and improved incident investigation. The integration with Bitdefender GravityZone enables autonomous responses  to quickly remediate security incidents. Interested in deploying NTSA on your network? Learn more on

*** This is a Security Bloggers Network syndicated blog from Business Insights In Virtualization and Cloud Security authored by Filip Truta. Read the original post at: