Endpoint Security… What Is It All About?

February 23rd, 2008 by Alina

Back in 2005, people had very different opinions on what endpoint security was. They were debating what it covered, how it was achieved and who spread the concept. To see how different opinions were, here’s an article that’s over 3 years old. Currently, one could try an online IT glossary to find out what endpoint security is all about. And they’d get to a definition close to the one below:

Endpoint security is a strategy in which security software is distributed to end-user devices but centrally managed. Endpoint security systems work on a client/server model. A client program is installed on or downloaded to every endpoint, which, in this case, is every user device that connects to the corporate network. Endpoints can include PCs, laptops, handhelds, and specialized equipment such as inventory scanners and point-of-sale terminals. A server or gateway hosts the centralized security program, which verifies logins and sends updates and patches when needed.

A bit clearer, but how is this different from antivirus software and the authentication mechanisms previously used? SearchSecurity.com expands the above definition and gives a few hints on how endpoint security is more complex, and thus a key point to take into account when building individual or corporate security policies:

Simple forms of endpoint security include personal firewalls or anti-virus software that is distributed and then monitored and updated from the server. The term is evolving, however, to include security elements such as intrusion detection and prevention, anti-spyware software, and behavior-blocking software (programs that monitor devices and look for operations and actions that are typically initiated by unsanctioned applications or those with malicious intent).

The most complex endpoint security programs use network access control to grant authentication and specific forms of access to user devices. When a device attempts to log in to the network, the program validates user credentials and also scans the device to make sure that it complies with defined corporate policies before allowing access.

Mix this with the initial description and you’re pretty close to home. And of course, there is always a shorter way to explain it all, one that is also a little clearer and easier to understand. Like this:

Systems and solutions designed to protect and control endpoints whether those endpoints are within, attached, or connected remotely to an organization’s network. Endpoint security solutions can include but are not limited to: antivirus, virtual private network (VPN), host intrusion prevention, personal firewall, anti-spyware, and multi-factor authentication solutions.

What I personally think endpoint security should be all about (and what some good endpoint security solution developers are actually doing) can be listed as follows:

  • cover both individuals and companies
  • be able to offer the same level of security to all types of businesses: SOHO, SMB and large companies
  • prevent data loss and leakage
  • prevent data theft and other security breaches
  • identify all real threats (from both outside and within a certain network)
  • offer comprehensive file tracing and auditing features
  • allow trusted devices to be identified as such
  • protect a network from all possible gadgets and portable data storage devices
  • help customers efficiently comply with IT security and governance standards and legislation
  • as a cherry on top, it should all be easy to understand and to operate, as learning time is limited

What is endpoint security to you? What important factors have I left out? Feel free to add your ideas to the checklist I’ve created.