Endpoint Security: How Much Do Prevention Capabilities Matter?

How much does prevention capabilities still count in endpoint security considerations? In other words, how should your enterprise weight prevention-based capabilities when selecting an endpoint security solution? 

This proves a contentious debate and not an easy one to resolve. Previously, endpoint security provided antivirus protection, which prevented the overwhelming majority of attacks. However, that era of cybersecurity passed long ago. 

Even the most fortified cybersecurity perimeter cannot repel 100 percent of all attacks. Eventually, hackers can find a way to break into your network, which requires strong threat detection and incident response capabilities. Additionally, the advent of the cloud makes securing a set “perimeter” something like a lost cause; often, enterprises have several set digital “locations” both public and private they need to fortify, which makes for more porous perimeters. 

Next-generation endpoint security provides capabilities to fit with this new age of cybersecurity. These include endpoint detection and response (EDR), data loss prevention (DLP), and application control. Yet this doesn’t answer whether prevention capabilities matter to the selection process. How much value should enterprises assign antivirus when EDR fits so much more in the current model? 

We can’t answer that question directly; so much depends on your own enterprise’s use case including industry, size, and current IT infrastructure. However, all IT decision-makers should remember that while the cybersecurity discourse changes, hackers still use malware. Ransomware continues to prove dangerously effective, as evidenced by the recent Honda ransomware attack. Phishing attacks succeed in deceiving even vigilant employees and employers alike, sometimes breaking into networks through the simple clicking of a link. 

IT decision-makers should weigh the importance of capabilities like next-generation antivirus and email security that filters suspicious communications. Every message and every link could be an attempt to crack your security. You need to take every step to hinder hackers’ efforts.  

Learn more about endpoint security in our Buyer’s Guide. We cover the top providers and their key prevention, detection, and remediation capabilities.