Putting a Finer Point on Endpoint Security
Putting a Finer Point on Endpoint Security

Ted is working from the plane, Alison just downloaded a file from a corporate server using the hotel's Wi-Fi, and Sam is on-site at a client's office collaborating with his team of experts around the world to resolve an issue. This is how business gets done in a digital world. But it can also introduce risk.

Every time an employee goes online, surfs the web, clicks on an email, downloads a file, connects to the corporate network, or accesses resources in the enterprise, they're potentially exposing their device and the company to threats. Nearly every day we hear about another ransomware, malvertising, or phishing scam that uses the endpoint as a way to gain access to your environment in order to profit, damage or disrupt. How can you make sure your employees and your organization are protected?

Companies need to empower people to work from anywhere, using any device, and remain secure – and the security industry is responding. In fact, according to Gartner approximately 30 vendors currently offer products (albeit for better or worse) related to the Endpoint Detection and Response market and more are emerging. But can all these vendors address all aspects of endpoint security to embrace how the world works today and what's required for success?

The way people work and malicious attacks put endpoint security front and center. However it isn't enough to block threats or give deep visibility into advanced threats targeting end-user devices. Today, an effective endpoint security solution must also support productivity to allow users to connect seamlessly and safely from anywhere. It must also assure devices always stay compliant with an organization's security policies as workers access the tools and data they need to get their jobs done wherever they are.

When evaluating endpoint security solutions, the following three questions can help you identify solutions that addresses not just security, but the finer points of productivity and compliance as well.

1.       Can end users connect back to my enterprise securely from any device, at any time from any location so they can get their jobs done? To foster productivity, whenever they connect to the corporate network from the road, workers need highly secure remote access, with an encrypted connection back to office resources and systems behind the firewall. Unlike public Wi-Fi networks, which are notoriously insecure, with secure connectivity no one can intercept a company's confidential information that employees need to conduct business.

2.       Can I make sure that every device, corporate- or employee-owned, that connects to the network is compliant with our specific security policies? Individuals must be automatically confirmed that they are authorized to access that data – and allowed to do so from that device, which requires strong authentication. What's more, you'll want to know if the device has the necessary security like advanced malware protection and anti-virus – and that is it up to date. Naturally, you'll want to confirm that the device hasn't been infected before it can get onto the network. And how about if the device is running vulnerable software making it an easier target for attacks? You'll want to know that, too. Preventing non-compliant devices from accessing the network mitigates the risk of threats to your network, high-value data, and other digital assets.

3.       How are employees and their devices protected against malicious attacks? There are plenty of points during the day, when mobile workers can introduce security risks to the business. In a survey conducted by IDG Research, 82 percent of corporate laptop users admitted to sometimes bypassing their organization's VPNs. As a first line of defense you need protection on and off the corporate network with the ability to block connections to malicious IP addresses, URLs, and domains. Of course you also need protection on the endpoint that blocks attempts to download a malicious file or clicks on a malicious link. A combination of various detection methods including machine learning, fuzzy fingerprinting, and sandboxing can help detect and stop known and unknown threats. When advanced malware does get inside, continuous monitoring and threat detection will allow you to quickly spot threats fast, scope a compromise, and remediate instantly.

In the age of mobility, adversaries are taking advantage of new business models, devices, and vulnerabilities to launch attacks. Endpoint security is increasingly important, but it isn't just about protecting against attacks. To truly be effective, endpoint security must enable not just best-in-class protection, but productivity and compliance too.