There has been a lot of buzz around the end-point these days. There are many reasons why the end-point has come to the forefront in security discussions. First, anti-virus and anti-malware software have basically become obsolete. Zero day threats are too constant and too numerous for companies to stay up to date on their security patches. Security needs to be in real time or close to real time. Second, we have become extremely mobile. We take our laptops, smart phones, smart pads, and many more devices everywhere we go. Now many people will say “hey, I have a next generation firewall. I don’t need end point security.” That person is exactly right, except for one problem. Your next generation firewall only works when you are connected to your network, whether you are at work or connected over VPN.
My personal and work phone are the same device. When I leave the office, I disconnect from our network and the firewall no longer protects my device. Say I want to go buy Lakers tickets to watch Kobe in his final season and I go to an obscure site that seems to have incredible prices on tickets. This can potentially be a big problem. Long story short, that website infected my phone with malware. But I am not connected to the network, so maybe my data and the company are fine, right? No. The next day I walk into work with no clue my phone has been compromised, and the moment I connect to the network, “uh oh,” we have a problem. That malware has now gained access to the company network.
This is the problem with the end point and this is why end point protection has become such a popular topic.
So how do we protect our devices that move in and out of our company network? The idea around End-Point security and the shift in protection revolves around normal behavior vs. malware behavior. In order to protect sensitive company data, software needs to understand in real time when a user is not acting within the norm. Many companies are taking the approach of analyzing self-generated data in order to notice when a user is acting differently, which may be a sign of malware behavior and a compromised device.
There are a lot of players in this industry and picking the correct solution is critical to you and your data.
Here are some steps we like to take when vetting End Point Protection solutions for your specific company:
- Make sure the solution has the platform coverage you need. For example, does the solution support your OS and all versions running on all endpoints? Make sure to consider mobile devices, which typically run iOS, Android, and Windows.
- Is the solution comprehensive enough to cover all of your organization's needs and requirements in order to provide layered protection?
- Does the solution offer the proper performance? For example, maybe you require high detection rates, but meeting this requirement takes computing resources, which may reduce performance. It is also important to understand that these solutions will not protect against every threat, so it is good to keep in mind other low-cost or free solutions that will detect what your main solution cannot.
- How easy and user friendly is the management tool? What reports does it spit out? How much visibility do you have for each endpoint? Does it send alerts and in what fashion?
- Price is always important. Endpoint protection is typically purchased as a license per user or endpoint. Large volumes receive discounts (most of the time). It is important to understand back end costs such as server costs or the need for a second product to support legacy systems.
- Last but not least, make sure you understand the support for the solution you are interested in. Support can vary from company to company, and your requirements for support during set-up and life cycle are important to making sure your solution is running properly with the least amount of downtime.
If you would like a free consultation to discuss your environment and security needs with regard to end point security solutions, please email us at firstname.lastname@example.org or call us at 858-866-9702.
“Making IT Better!”