Security Architecture, Cloud Security, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

The end of the endpoint

“I want my iPad!” This mantra has swept through the enterprise in the past six months more rapidly than “I want my MTV!” consumed a generation of budding teen-nerds in the 1980s and “I want my Poodle skirt” defined a happily forgotten fashion in the 1950s.  

The iPad and a thousand other interesting devices like it are moving from the consumer space and into the enterprise at an unprecedented rate. The rapid adoption of consumer devices in the enterprise is causing a significant disruption in the way we think about – and enforce – security.

Most IT customers have come to a startling realization. Regardless of what their policies might say, they have lost control of the endpoint. This is a big deal, because a well-controlled endpoint running the “corporate image” has been the mainstay of enterprise security for decades.

But technology doesn't stand still.  That is a good thing. If Disney movies have taught me anything, it is that when something you love goes away (like Bambi's mother), it forces you to grow up and become stronger. True to the Disney plot lines, as we lose control of the endpoint, a more evolved way to enforce security policy emerges.

What arises from the ashes of the endpoint – the magic bean here – is multicore silicon. Multicore processors from Intel and others are providing massive performance enhancements for network-based security scanning elements. Today, we have appliances that can run three layers of anti-virus, advanced data protection algorithms, global reputation analysis and real-time acceptable-use filtering in the network. A single two-rack unit appliance can provide all of this scanning for a population of 10,000 users. That is with eight cores. In 18 months (nod to Moore's Law) that same appliance will have 64 cores – a massive amount of scanning capability. Try running this level of scanning on your iPad. Not going to happen. (Frankly, I don't want any heavy corporate applications running on my personal device anyway.)

In the consumerized IT world of tomorrow, we will need to rely on powerful network-based scanning engines that are deployed in a distributed “security fabric.” Then, the role of the new endpoint becomes a frictionless facilitating connection into the enterprise.

The next-generation endpoint – which by the way, is available today – streamlines the end-user experience when connecting from any device: traditional Windows machines, Macs, Linux machines, and the full spectrum of “next-gen computers,” including smartphones like the iPhone and tablets such as the iPad. There is a clientless mode for devices with no agent present, and there is a lightweight agent available for every major platform. Working as a single security architecture, this next-generation endpoint is focused on making the end-user experience excellent, and it leaves the heavy lifting of security scanning to the increasingly powerful boxes in the network or in the cloud.

The enterprise of tomorrow will be comprised of an increasingly heterogeneous collection of increasingly unmanaged devices. This rapid shift in technology requires a major re-think of how we deploy security – and what role the endpoint plays. In short, it's the end of the endpoint as we know it.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.