HomeNetworking

Endpoint Security

Vangie Beal
Vangie Beal
Updated on:

Endpoint security is the practice of protecting endpoints, or entry points, of end-user devices, such as laptops and mobile devices, from malicious parties. It is a subcategory of network security as well as a feature of enterprise mobile device management. An endpoint security system gives organizations the ability to detect and respond to security events within their environments. Endpoint security has evolved from traditional antivirus software to providing extensive protection from advanced malware and threats. 

What is an endpoint?

An endpoint is a user device that accesses a network or applications. Common endpoint devices include:

Although the most common endpoints are laptops, desktops, phones, and tablets, the Internet of Things (IoT) is gaining traction in workplaces. Smart devices, whether they’re routers or refrigerators, are useful tools for managing appliances throughout an enterprise’s premises. However, IoT devices are notoriously unsecured because they don’t always require a password to access. If an attacker breaches an IoT device that’s hosted on the company network, that attacker could potentially access employee devices and sensitive data.

The importance of endpoint security

Endpoint security is becoming an increasingly common IT security function and concern as more employees participate in bring your own device (BYOD) policies and as the popularity of IoT increases. In addition, more employees are working from home after the COVID-19 pandemic shifted a wider percentage of the workforce to partially or fully remote positions.

The enterprise network security perimeter is extremely susceptible to penetration. The following are just some of the ways a threat actor can breach an endpoint: 

  • IoT devices that are not password-secured and connect to company networks
  • BYOD practices for employees, which don’t always segment personal applications and work applications from each other, in turn exposing data
  • Connections to public Wi-Fi networks or even home Wi-Fi networks
  • Malicious links sent through phishing emails, which download malware onto a device when clicked. Some forms of malware can transfer across devices on the same network
  • Downloadable files on websites that spread malware
  • Stolen credentials. Though threat actors can steal logins by viewing written passwords, they can also expose internet sessions remotely through man-in-the-middle attacks or credential stuffing

In many ways, data is the most important asset that a company has. To lose that data, or share it with a malicious party, puts a company at risk. As hackers continue to come up with new ways to gain access, steal information, or manipulate employees into giving out sensitive data, endpoint security systems have become a necessity for enterprise security.

Endpoint security systems

One of the most comprehensive forms of endpoint security is endpoint detection and response (EDR). EDR solutions give companies a centralized platform for monitoring endpoints, catching attacks before they spread, and responding to incidents as they arise.

Another endpoint security solution, endpoint protection platforms (EPP), works to prevent file-based malware, detect and block malicious activity from applications, and dynamically respond to security incidents and alerts. An EPP focuses solely on prevention, so relying on an EPP tool alone may not be enough to mitigate the risk of breaches. It’s worth mentioning that most EDR products now include EPP capabilities.

EDR platforms stand out because they focus on not only mitigating the effects of attacks but also on detecting suspicious activity and preventing threats before they happen. Good EDR solutions must collect and analyze enormous volumes of device data to accurately and consistently detect anomalies and potential cyberattacks.

Also Read: Top Endpoint Detection & Response (EDR) Solutions 

Features of endpoint security systems 

Comprehensive EDR vendors implement the following security features:

  • Data loss prevention. DLP software monitors stored data to keep it safe while it’s at rest. DLP technologies include encryption and automatic alerts that detect a violated enterprise policy or regulation. 
  • Vulnerability management. These programs search for and identify vulnerabilities in networks and computer systems. Practical applications include patching, scanning systems, and reporting risks to executives.
  • Patching. One component of vulnerability management, patching is an update process for code that contains a vulnerability.
  • Application whitelisting. Whitelisting an application means that each file is treated as an individual item, so it can be stopped from running if infected or compromised.
  • Identity and access management. IAM limits who can access applications and data within an organization since data loss and compromise often come through unauthorized users or unnecessarily granted credentials.
  • Data classification and protection. Classification helps businesses organize their data, so it’s useful for prediction and analytics.
  • Privileged account management. To protect data, security systems implement access controls for privileged accounts, often belonging to executives or other users who access sensitive data. 
  • VPN. Virtual private networks create a tunnel between an endpoint and a network, so outsiders cannot view and interrupt their internet session.
  • Endpoint encryption. Encrypting sessions on endpoint devices scrambles data into ciphertext so that outside viewers do not see. Endpoint encryption software encrypts data at rest (in storage) or data in motion (being transmitted from one device to another).

Top EDR vendors

Endpoint detection and response vendors cover endpoint security, threat detection, and data analytics. They may also include threat intelligence and intrusion prevention features. Top providers include:

Vangie Beal
Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.

Related Articles

Endpoint Detection and Response (EDR)

Security Forrest Stroud - 0
Endpoint Detection and Response, or EDR, is a form of technology that provides continuous monitoring and response to advanced cybersecurity threats against enterprise networks...

Malwarebytes

Definitions Sam Ingalls - 0
Malwarebytes is a cybersecurity company specializing in network and internet security software, offering one of the top endpoint security solutions for consumers and small...

Sophos

Definitions Sam Ingalls - 0
Sophos is a cybersecurity company specializing in network security and unified threat management through its detection and response, firewall, cloud, and managed service solutions. With...

Kerberos

Security Ali Azhar - 0
Kerberos is a computer network authentication protocol used for service requests over an untrusted network like the internet. It is the default authentication protocol used by...

Related Articles

Definitions

Geotargeting

Geotargeting is a method of delivering data or content to users based on...
Read more
Definitions

Agile Project Management

Agile project management enables business teams to approach their projects and tasks with...
Read more
Definitions

Private 5G Network

A private 5G network is a private local area network (LAN) that utilizes...
Read more

Webopedia is an online information technology and computer science resource for IT professionals, students, and educators. Webopedia focuses on connecting researchers with IT resources that are most helpful for them. Webopedia resources cover technology definitions, educational guides, and software reviews that are accessible to all researchers regardless of technical background.

Advertisers

Advertise with TechnologyAdvice on Webopedia and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2021 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.