Five Questions You Need To Ask Yourself Before Choosing an Endpoint Protection Solution
The following is an excerpt from Solutions Review’s 2018 Endpoint Security and Endpoint Protection Solutions Buyer’s Guide, to view the whole report, download if for free here.
What size solution do I need?
If you’re running a thirty-person company, you’re going to need a different solution than if you’re overseeing security for an enterprise of five thousand. You can’t laugh off security if you’re a small company—no one is too small to target—but you might be able to get away with using an all-in-one solution that bundles in DLP, vulnerability scanning, and asset tracking along with the basic functionality. When you’re at the helm of a larger organization, you may be more likely to have a pre-existing network architecture that would make a broader endpoint protection product redundant.
How will I educate my users?
One of the biggest concerns that’s overlooked when onboarding a new solution is, “how are my users going to respond to this?” This is a huge problem with endpoint protection, because an endpoint is any device that connects to your corporate network. Your users’ laptops and personal devices need to have endpoint protection installed for your network to be truly secure. If your users aren’t security-aware, however, they might ignore the malware-scanner’s warnings, circumvent its firewall, or even just uninstall it. How will you make your end-users aware that endpoint protection is critical?
How do I implement the product?
This is another question that depends on the systems that you have up and running prior to choosing a new endpoint protection strategy. If you’re just setting up an organization, you won’t have to worry much about your product conflicting with pre-existing systems. In a more established organization, you’ll have to wonder about conflicts, not just with existing security applications, but also with applications currently employed by your end users. For users to buy into information security, you must implement endpoint protection in a way that doesn’t interfere with day-to-day activities.
How does this affect my team?
A common misconception about endpoint protection is that it is fundamentally a “set it and forget it” kind of product. It’s not—endpoint protection requires a modicum of human interaction in order to remain functional. For example, most signature-based products will automatically update their list of known malware, but certain kinds of malware can actually disable the update process. In order to prevent this and other forms of malfunction, you need to divert resources to review logs, apply patches, and check for infection. This will necessarily take time and effort away from other projects, so plan accordingly.
What is my contingency plan?
All systems fail eventually. Even the smartest and most cutting-edge behavioral recognition algorithm is going to eventually trip up and fail to recognize malware. Implementing a new endpoint protection product is the perfect time to re-evaluate your incident response and digital forensics plan. You’ll also need to understand how to integrate your new endpoint protection product into your overall incident response. This may be something as simple as dumping the logs from a personal firewall for analysis, or as complicated as purchasing an endpoint protection product with dedicated incident response capabilities.
Check out 5 more questions you need to ask potential endpoint protections vendors, as well as a full market overview of the top 24 vendors, their capabilities, and best use cases in Solutions Review’s 2016 Endpoint Security Buyer’s Guide, available as a complimentary download here.
Now watch this: