Endpoint Security and its increasing importance in the age of remote work

What is it?
Gartner defines an endpoint protection platform (EPP) as a solution used to “prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.” Endpoint security is all about defending endpoints from malicious activity.

What is an endpoint?
Any physical device that can be connected to a network is an endpoint. Examples include desktops, laptops, mobile phones, tablets, Internet of Things (IoT) devices, servers, point-of-sale (POS) systems, switches, digital printers, cameras, appliances, smart watches, health trackers and navigation systems.

Why have an Endpoint Security Strategy?
With the pandemic leading to a shift to remote work, the number of endpoints is only increasing. And every endpoint can be an entry point for a cyberattack. This makes it vital to have an endpoint security strategy in place.

Endpoint Protection Approaches
An endpoint protection solution offers a centralized management console from which administrators can connect to their enterprise network. From this console they can monitor, protect, investigate and respond to incidents. The following approaches can be taken:

  • On-Premise: This is the traditional approach. It involves an on-premise security posture that relies on a locally hosted data center from which security is delivered. The data center acts as the hub for the management console, which reaches out to the endpoints through an agent to provide security. This approach is not very efficient, since administrators can only manage endpoints within their perimeter.
  • Hybrid: The limitations of the on-premise approach have led some vendors to take a hybrid approach. They take a legacy architecture design and retrofit it for the cloud, thereby gaining some cloud capabilities.
  • Cloud-native: This solution is built in and for the cloud. The centralized management console lives in the cloud and connects to devices remotely through an agent on the endpoint. The agent can provide security for the endpoint even when there is no internet connectivity. By leveraging cloud controls and policies, this approach maximizes security performance.
