Solutions Review lists the five questions you need to ask of your business when you’re evaluating an endpoint security solution.
Endpoint security occupies an interesting space in the cybersecurity market. The traditional digital perimeter—the former prime area of protection for endpoint security software—no longer exists. Identity and authentication have now almost completely subsumed the perimeter as it relates to enterprise IT environments. Yet simultaneously, the typical IT environment has grown far beyond what any expert could have predicted even a few years ago.
When adopting an endpoint security solution, make sure to ask these five questions of your business.
What size solution do I need?
If you’re running a thirty-person company, you’re going to need a different solution than if you’re overseeing security for an enterprise of five thousand. A small company might be able to get away with using an all-in-one solution that bundles in Data Loss Prevention, vulnerability scanning, and asset tracking along with the basic functionalities. When you’re at the helm of a larger organization, you may be more likely to have a pre-existing network architecture that might require protection for remote workers and IoT devices.
How will I educate my users?
One of the biggest concerns often overlooked when onboarding a new solution is: “How are my users going to respond to this?” This is a huge problem with endpoint security because the solution requires complete employee buy-in to function optimally. Your users’ laptops and personal mobile devices need to have endpoint protection installed for your network to be truly secure. If your users aren’t security-aware, they might ignore the malware scanner’s warnings, circumvent its firewalls, or even just uninstall the solution.
How do I implement the product?
If you’re just setting up an organization, you won’t have to worry much about your product conflicting with pre-existing systems. In a more established organization, you’ll have to consider conflicts—not just with existing security applications, but also with applications currently employed by your end-users. For users to buy into information security, you must implement endpoint protection in a way that doesn’t interfere with their day-to-day work.
How does this affect my team?
A common misconception about endpoint protection is that it is fundamentally a “set it and forget it” kind of product. It’s not—endpoint protection requires more than a modicum of human interaction to remain functional. For example, most signature-based products will automatically update their list of known malware, but certain kinds of malware can disable the update process. To prevent this and other forms of malfunction, you need to divert resources to review logs, apply patches, and check for infection.
What is my contingency plan?
Implementing a new endpoint security product is the perfect time to re-evaluate your incident response and digital forensics plan. You’ll also need to understand how to integrate your new endpoint protection product into your overall incident response. This may be something as simple as dumping the logs from a personal firewall for analysis, or as complicated as purchasing an endpoint security product with dedicated incident response capabilities.