What drives endpoint protection’s evolution in business networks? How do both external and internal factors transform endpoint security in the modern age? Why should you, as an IT decision-maker, care about this evolution?
Originally, “endpoint protection” referred primarily to antivirus technology, which proved more than enough to deter hackers. After installing antivirus on the few on-premises desktops, companies could rest easy, setting and forgetting their cybersecurity.
However, hackers evolved their tactics and their tools, and antivirus proved insufficient to deal with new threats. Endpoint protection’s evolution over the years mirrors biological evolution in that the only rule is “adapt or die.” Cybersecurity solutions must change to fit with the current and future threat landscape as well as the changing IT infrastructure.
All of this might seem abstract to the outside observer. Here are a few concrete examples to consider.
Endpoint Protection’s Evolution in Business Networks
1. Poor Data Management Means More Breaches
The editors here at Solutions Review naturally review a lot of information on corporate data breaches large and small. One of the most frequent recurring phrases in our research? A sentence ending with “…as the result of a misconfigured database.”
Misconfigurations on databases, and the potential for unknown databases created by everyday users, should worry all businesses. Both mean that if hackers can find the data, they could steal or expose it with impunity. Worse could happen if users upload sensitive data to public cloud databases, where enterprises can’t rely on the cloud’s creators to protect them.
Endpoint protection’s evolution has thus taken these (often well-meaning) internal attack vectors into account via data loss prevention (DLP). This key capability helps govern which users can move which data, and to where. It prevents users from uploading data to public cloud servers, emailing sensitive data out of the network, and taking other potentially dangerous actions.
2. The Digital Perimeter is Rather Fluid Now
Once upon a time, there existed a concept called the digital perimeter. Formed via antivirus and firewalls, the digital perimeter worked to keep external threats out. However, with the advent of the cloud and the proliferation of mobile devices (more on that in a moment), the digital perimeter began to dissolve.
Now, identity management is generally regarded as the heart of the new digital perimeter. Yet malware still finds ways to slip past firewalls and antivirus capabilities. Without the right tools, this malware can move through the network unchallenged and inflict greater damage than ever before.
Endpoint detection and response (EDR) works to alleviate this problem. EDR works like SIEM in that it performs threat detection and generates alerts to facilitate investigation and remediation. It is an essential component of modern endpoint protection platforms.
3. Bring-Your-Own-Devices (BYOD)
BYOD originally began as a cost-saving and efficiency policy. Employees routinely express more comfort on their own devices than with company-issued ones. Simultaneously, employers notice bumps in productivity when employees use their own endpoints. In fact, BYOD could even reduce costs. Although it posed some cybersecurity challenges, most enterprises embraced BYOD as the next step of their digital transformation.
Then COVID-19 changed everything. All of a sudden, enterprises couldn’t just take their time to embrace BYOD and its inherent endpoint protection challenges. Instead, they needed to start making such moves immediately in order to enforce social distancing and prevent the spread of the virus. Remote work might even become the new normal after a cure for the virus becomes commonplace, which means more of the network spreads across multiple Wi-Fi networks and endpoints.
So a majority of work for several industries takes place outside corporate firewalls and outside normal endpoint monitoring. Your endpoint security needs to expand beyond those parameters to fit with the modern age.
First, you need to embrace endpoint protection platforms that accommodate or include virtual private networks (VPNs) to ensure secure data traffic among remote workers. Second, you need an endpoint visibility capability that can include remote logins and connections.