Solutions Review lists the five questions you need to ask endpoint security providers when you’re evaluating solutions.
Endpoint security occupies an interesting space in the cybersecurity market. The traditional digital perimeter—the former prime area of protection for endpoint security software—no longer exists. Identity and authentication have now almost completely subsumed the perimeter as it relates to enterprise IT environments. Yet simultaneously, the typical IT environment has grown far beyond what any expert could have predicted even a few years ago.
In honor of Cybersecurity Awareness Month, we listed the important questions to ask your potential endpoint management vendor. When adopting an endpoint security solution, make sure to ask these five questions of any endpoint security provider you’re evaluating.
How good is the core functionality?
Endpoint protection includes four basic component capabilities: a malware scanner, a personal firewall, the ability to control ports, devices, and applications, and EDR. So, how well does your endpoint protection product perform those four basic functions? Does it rely on outdated methods such as signature-based detection? Does it incorporate essential new techniques like sandboxing, whitelisting, or enhanced threat intelligence? How well does it execute on these concepts?
Will it run on all of my devices?
A typical enterprise has a veritable zoo of devices connected to its network—not just Windows and Apple computers, but cell phones running iOS, Android, Windows Phone, and even the occasional senescent BlackBerry. That’s not even counting the servers. Can your endpoint protection product run on all these devices? Does it run well on different platforms? If the answer is no, you’ll need to either find a platform-agnostic solution or resign yourself to finding a second solution that will cover all your platforms.
Will it provide granular data?
If you have many servers and workstations, it may be useful to collect and track statistics on how many computers are running on outdated hardware. Another time-saver is the ability to remotely push updates to connected devices, or push notifications to users and admins. Even if you don’t need these capabilities right away, these features may become more practical as the size of your enterprise increases or if you begin to incorporate remote workforces.
How does it react to the unexpected?
How long does it take for your endpoint security solution to react to a threat that it doesn’t recognize? Can it even recognize threats it may not have seen before—whether it be a new kind of threat like fileless malware or a threat hackers updated to become more subversive and more elusive? How does it incorporate threat intelligence, and where does it get its feeds? Knowing how the tool can handle curveballs is critical in knowing how well your company will be prepared against threats.
Is the product well supported?
Emergencies don’t happen on a schedule, so can the vendor get you on the phone with an engineer at the drop of a hat? If not, can they train your staff to support the product on their own? Lastly, is training bundled into the price of the product, or offered separately? As always, well-trained staff and a thorough knowledge of a security tool are as important as the tool itself.