In recent months, there is a lot of buzz about Endpoint Security. So what is Endpoint Security … and why the fuss?
End point security is an IT security concept that makes each device (end point) responsible for its own security. Endpoint security is a strategy in which security software is distributed to end-user devices but centrally managed.
Today’s expanding enterprise makes it increasingly difficult for IT managers to safeguard the corporate network. Employees, as well as contractors and partners, routinely access corporate data via remote access, LANs, or wireless connections. This type of access creates a myriad of potential entry points for security threats to infiltrate the network.
This problem is compounded by the fact that traditional antivirus software, intrusion detection systems, and software patches are reactive technologies that are rendered virtually useless in containing threats that can propagate worldwide in minutes. By the time a new virus signature or patch can be applied throughout the enterprise, the damage has been done.
Thus the need for endpoint security solutions which proactively protect every endpoint PC in the enterprise, effectively containing threats and resolving attacks quickly.
The growing number and variety of threats to endpoints, as well as threats that use endpoints as a vector, has made endpoint security a “hot topic”.
Endpoints are where the typical enterprise conducts most of its business, and disruption to endpoints is a huge impact to enterprises in terms of cost and lost productivity. Since endpoints are now a primary target of these threats, enterprises are forced by necessity to confront Endpoint security as a core business issue.
Endpoint security systems work on a client/server model. A client program is installed on every endpoint. Endpoints can include PCs, laptops, handhelds, and specialized equipment such as inventory scanners and point-of-sale terminals. A server or gateway hosts the centralized security program, which verifies logins and sends updates and patches when needed.
In other words, endpoint security software is a centrally-managed software system that protects end-user devices such as laptops, PC’s, Smart phones, PDA’s, POS terminals and more. Endpoint security systems are hosted on a server or gateway, and installed on every endpoint or user device that connects to the business network.
Simple forms of endpoint security include personal firewalls or anti-virus software that is distributed and then monitored and updated from the server. The term is evolving, however, to include security elements such as intrusion detection and prevention, anti-spyware software, and behavior-blocking software (programs that monitor devices and look for operations and actions that are typically initiated by unsanctioned applications or those with malicious intent).
The most complex endpoint security programs use network access control to grant authentication and specific forms of access to user devices. When a device attempts to log in to the network, the program validates user credentials and also scans the device to make sure that it complies with defined corporate policies before allowing access. Required elements may include an approved operating system, a firewall, a VPN and anti-virus software with current updates, as well as any mandatory corporate software. The program will also run a scan to ensure the lack of unauthorized software, such as peer-to-peer applications and games. Devices that do not match the policy are given limited access or quarantined.