For your edification, we provide our next-gen enterprise endpoint security glossary. This explores the major terms in this critical cybersecurity branch and why you need these solutions.
Of course, a true endpoint security glossary would take an entire book to explore each term thoroughly. Thus we have condensed it to the must-know concepts for understanding modern cybersecurity However, we hope this list guides your thinking about your current cybersecurity solution. It can help clarify your cybersecurity strategy and help you determine if you should upgrade your current solution.
The Endpoint Security Glossary
Endpoint security, while seeming straightforward, can prove confusing as you dive into detail. Hence this endpoint security glossary tries to simplify the concepts and terms into workable definitions.
Starting from the top:
No endpoint security glossary can begin without first defining its primary term.
Primarily, endpoint security refers to cybersecurity which fortifies endpoints. Generally, endpoints refer to any device connecting to the IT environment—desktop computers, laptops, mobile devices, IoT devices, etc.
Put another way, endpoint security protects your enterprise network by protecting the remote devices connecting to it. One of its major goals is to protect against malware and other non-identity threats.
Like all other cybersecurity solutions, multiple components comprise endpoint security. Often, experts use the term “endpoint security” interchangeably with “endpoint protection platforms.”
The Digital Perimeter
Frequently, we refer to the digital perimeter when we discuss enterprise endpoint security. However, we never fully defined what the digital perimeter actually means, nor why we feel so adamant about its security.
The digital perimeter refers to the boundary between your IT environment and the outside digital world. Users, applications, programs, and data must enter and exit through this digital perimeter as part of their business processes.
Every endpoint constitutes a potential entryway into your IT environment; after all, your users primarily interact with your databases and assets through their endpoints. Therefore, each endpoint constitutes a node in your enterprise’s digital perimeter.
External threat actors use endpoints as a stepping stone for their attacks; it paves the way for them to penetrate enterprise networks and laterally move to new networks.
Next-generation endpoint protection platforms work to secure the digital perimeter.
Also known as anti-malware, this capability allows enterprises to prevent malware, or otherwise detect and remove it. More advanced versions, called next-generation, can also provide application whitelisting, exploit techniques deflection, and AI adaptation.
Antivirus represents perhaps the most recognizable aspect of enterprise endpoint security to the layperson; almost everyone has some experience working with antivirus software. As a result, this capability receives an aura of familiarity which can help with overall solution adoption.
However, many enterprises mistakenly conflate antivirus software with endpoint security. Often, they cling to their legacy antivirus, which lacks the threat intelligence and detection capabilities to defend against new attacks. Thus enterprises leave themselves vulnerable to evolved digital threats or threats designed to evade typical detection capabilities.
Certainly, antivirus software can offer some layers of protection, but can’t function optimally alone. You need a full suite of endpoint security capabilities to survive in the modern digital marketplace.
Another well-known term in our endpoint security glossary. Firewalls monitor and control network traffic entering and exiting your IT environment. In other words, they serve as the checkpoints of your digital perimeter.
Under normal circumstances, firewalls only allow trusted (or seemingly trustworthy) traffic in and out of the network. It should automatically block malicious or suspicious traffic and domains.
Modern firewalls, called next-generation firewalls, come in two varieties. Network firewalls monitor traffic between networks. Meanwhile, host-based firewalls control traffic from machines. In either case, it should also examine incoming messages for malware and outgoing messages for sensitive data leaving without permission.
Endpoint Detection and Response (EDR)
Perhaps one of the most important terms on this endpoint security glossary. EDR refers to a fairly new yet essential capability which helps defend against threats after they bypass prevention.
Unfortunately, preventive cybersecurity can no longer guarantee 100% effectiveness against cyber attacks. While prevention can deter and deflect many malware varieties, it can’t protect against the rapid evolution of digital threats or zero-day attacks. Accordingly, cybersecurity now focuses on detection and response rather than pure prevention.
Therefore, endpoint security providers now offer EDR as a means of detecting and responding to threats which penetrated your perimeter. EDR monitors the network for suspicious activity, detects security events, sends security alerts, and helps with containment and remediation.
No less an authority than Gartner declares EDR a critical capability in next-generation endpoint security.
Internet of Things (IoT)
We bring up the Internet of Things for two reasons:
- The Internet of Things continues to grow at a phenomenal rate, and it constitutes a growing part of enterprises’ digital perimeters.
- IoT devices are notoriously insecure from a cybersecurity standpoint.
Simply put, the Internet of Things refers to any physical device or everyday electronic which can connect to the Internet. Typically this doesn’t refer to typical endpoints; your mobile device doesn’t count as an IoT device, whereas your smart kettle does.
As a rule, IoT devices receive no cybersecurity firmware in their design and often become dark areas in your network. Even those devices with cybersecurity firmware often carry simplistic administration passwords which hackers can easily crack.
Moreover, trying to upgrade or patch IoT cybersecurity firmware creates its own challenges. If you have any smart devices connecting to your IT environment, you need an endpoint security solution which can secure them from outside threats.
Secure Email Gateways
The majority of enterprise cyber attacks come through email. In fact, that statement may well undersell the threat. 92.4% of malware is delivered via email, according to the Verizon 2018 Data Breach Investigations Report.
To combat this, secure email gateways monitor incoming and outgoing messages for suspicious behavior, preventing them from being delivered. They can be deployed according to your IT infrastructure and work to prevent phishing attacks.
This endpoint security glossary highlights the diversity of threats facing your enterprise every day. You can’t afford to take these warnings lightly. Start thinking seriously about your cybersecurity before you end up in the headlines.
If you would like to learn more about endpoint security and cybersecurity, be sure to check out our 2019 Buyer’s Guide! We explore the top vendors in the field and their key capabilities.