 |
|
|
10 May 2010
Redefining Endpoint Security
Written by Ron Penna
Redefining Endpoint Security
Most security professionals believe that Endpoint security is a strategy in which security software is distributed to end-user devices but centrally managed. Endpoint security systems work on a client/server model. A client program is installed on or downloaded to every endpoint, which in this case, is every user device that connects to the corporate network. Endpoints can include PCs, laptops, handhelds, servers, printers, and even specialized equipment.
Endpoint security software has been around longer than any other information security solution (namely desktop anti-virus). Most of the time and effort IT administrators have spent in securing their environments has been on endpoint devices. However, most publically disclosed data breaches include the compromise, exploit, loss, or theft of an endpoint device. So is the endpoint security software not effective in preventing breaches or is there another problem?
The other problem
For years security professionals looked beyond their networks for the source of data breaches. The fear of hackers, cyber criminals, and other external threats drove the market and subsequently the majority of information security solutions that are available today. So the vast majority of “endpoint” security solutions attempt to solve the “outsider” problem when in reality it is insiders that pose the greatest threat to organizations.
Additionally users often excuse themselves from “patching” and other computer maintenance tasks because they believe nothing of value is on the computer itself. What they forget is the value of that system may not be in what it is storing, but what it can be used for or what other systems and data it can access. Often a device by itself doesn’t have access to other systems and data. Usually a system only has this access when it is in conjunction with the credentials of an authorized employee. So in most cases, the point at which a device becomes “valuable” to criminals is when it combines both the device and the user credentials.
As a result, an endpoint should not just be looked at as a device, system, computer, server or laptop. The definition of an endpoint should also include the notion of employees, contractors, 3rd parties, telecommuters, travelers, and other insiders that use these systems. Perhaps the term “endpoint” should include the notion of insiders due to the symbiotic relationship between the device and the user which ultimately creates a valuable asset. Once you have a valuable asset, organizations need to protect it; however, traditional security solutions only solve half the issue because they are only looking for outside threats. Endpoint security solutions that focus on digital fingerprinting, code analysis, software behavior, and other technical aspects miss the larger part of the problem…the insider!
The Solution
In addition to traditional endpoint security agent software, organizations need a solution designed to protect them from their greatest threat… the insider. Whether this is a careless, untrained or malicious insider, companies can protect themselves by using technologies designed to mitigate this threat. Awareness Technologies offers an all-in-one endpoint security suite designed to protect an organization from insider threats that include the following 4 core features:
Data Loss Prevention
Web Filtering
Asset Management, Tracking and Recovery
Insider Monitoring
A key element in endpoint security is centralized management. Deployment, configuration, updates, reporting, auditing and monitoring must be done centrally or major security gaps can result. Awareness Technologies grants organization complete control from a software as a service (SaaS) based management console. No hardware, no servers, no hassle. Easy to install and manage.
Remote users such as travelers and telecommuters are often excluded due to the limitations of traditional endpoint security solutions. Not with Awareness Technologies. The endpoint agent can be loaded on any computer anywhere in the world and can still be managed centrally from the same cloud based management platform.
Awareness Technologies grants you superior control and complete visibility into your endpoint security focusing on the most important element, the insiders. The Awareness Technologies solution combines the benefits of security risk mitigation, reduced liability, increase employee productivity, incident forensics, and asset tracking and recovery.
Endpoints should include both the devices and users because the combination of the two makes up the greatest threat to organizations today. Awareness Technologies is the next generation in endpoint security software because it is it allows IT administrators, compliance officers, and executives the ability to control what traditional endpoint security solutions ignore… the insider.
|
|
|
|
|
|
|
|
|
|
