What is endpoint security?
by Ryan Ozawa
When discussing computer and network security, most people have a pretty basic model in mind: bad guys on the outside, good guys on the inside, and a protective wall between them.
Based on the most sensational cybersecurity headlines, advanced persistent threats (APTs) are attacking systems 24 hours a day, so it makes sense that a lot of focus is placed on blocking external attacks. But the bigger picture of cybesecurity is much more complex, and keeping the bad guys out is only part of a complete security strategy.
“The focus on external threats is somewhat misguided, and can lead to a quixotic concentration of resources to prevent and protect perimeter defense,” notes a recent business white paper published by HP. “Although external attacks—viruses, malware, phishing—are more prevalent, insider attacks are costlier.”
To prevent attacks, hacks, and data loss from inside a company, it’s critically important to ensure every endpoint is secure.
What is an endpoint?
In a modern computer network, there are centralized servers to which a variety of devices connect: computer workstations, laptops, tablets, and other mobile devices. These devices are endpoints, the various points of entry to a company’s systems, and the gateways through which information is entered and retrieved.
A network-connected printer is an endpoint, as is a bank ATM. Many, if not most, medical devices are endpoints as well.
The number of endpoints on a given system is increasing every day, from the growing popularity of “bring your own device” policies to an increase in remote working. The COVID-19 pandemic accelerated the introduction and expansion of remote access tools, sometimes faster than they could be fully tested and secured.
And because employees use endpoints, even external attacks become internal vulnerabilities, such as employees ignoring or even circumventing security rules, staff introducing unsecured devices on the internal network, or remote access practices leaving doors open to unauthorized parties.
In short, endpoints are where both good guys and bad guys get into a computer network, and thus they are a prime target of attackers.
What is endpoint security?
Endpoint security includes the policies and practices that protect against the accidental or intentional compromise of a company’s internal systems at each device.
The first type of endpoint security to emerge in the information age was antivirus software installed on each computer workstation. But as security threats became more complex, so did the defenses and tools developed to combat them.
According to a Forrester research paper, IT security professionals have three core needs for endpoint security solutions:
- Prevention: Malware execution blocking, system hardening, application control
- Detection: Behavioral monitoring, context building/intelligence integration
- Remediation: Attack containment, configuration management, vulnerability remediation
The diversity of devices now used in the modern workspace has spawned the development of endpoint protection platforms, which provide a unified set of tools that can be deployed across computers, laptops, tablets and smartphones.
“While historically, best-of-breed solutions for each [core need] reigned supreme, our study found that the majority of respondents now prefer an integrated suite solution that can manage all three of these key functions,” Forrester notes.
Why is endpoint security important?
While there are a number of reasons why endpoint security is a vital part of any cybersecurity strategy, the protection of a company’s information is perhaps the most critical.
“Data is often the most valuable asset a company has—and to lose that data, or access to that data, could put the entire business at risk of insolvency,” notes security software firm McAfee. “Hackers are always coming up with new ways to gain access, steal information or manipulate employees into giving out sensitive information.”
Email data loss prevention (DLP) tools are therefore a requirement for any business, and especially for healthcare providers.
Along with providing HIPAA compliant email by default, Paubox Suite Premium comes with additional features such as DLP to prevent unauthorized employees from sending sensitive information outside of a corporate network, and email archiving to store indexed emails in case of theft or eDiscovery purposes.
Paubox Email Suite Premium is an excellent tool to have in your belt to improve endpoint security.