IT endpoints are no longer just workstations and servers confined to corporate headquarters, branch offices, customer sites, and data centers. They can now be just about anything located anywhere, from employees’ homes to airports, hotels and in the cloud, and they may be devices owned by employees as a result of the bring your own device (BYOD) trend.
But every endpoint represents a potential entry point for cyber attackers and needs to be managed. In many ways, endpoint devices have effectively become the new corporate network perimeter, and consequently they are increasingly coming under attack.
The proliferation of endpoint devices beyond desktops, laptops, tablets, and servers to include things like cloud devices, IoT devices, phones, and Point of Sale systems is making it increasingly difficult to manage all the endpoints that are connecting to corporate networks.
Endpoint security was a key theme at this year’s KuppingerCole Analysts’ Cybersecurity Leadership Summit, where the security implications of the explosion in endpoint devices, the importance of effective endpoint management, and the future of endpoint management were all discussed.
Security for endpoint devices plays a central role in your overall security strategy – you might also call it “Zero Trust” strategy. Endpoints today are way more than traditional PCs and notebooks. It is any device you interact with, and they must all be part of your strategy to prevent harm to your organization.
— Christopher Schütze, Cybersecurity Practice Director and Lead Analyst, KuppingerCole Analysts
Malware and other threats to endpoints are constantly evolving, and so too are the defence and response tools, with many of the latest offerings coming to market featuring support from machine learning or other forms of artificial intelligence.
Tackling this topic head on at the Cybersecurity Leadership Summit, a panel debated and gave their perspectives on: Redefining Endpoint Security - The Role of AI & Machine Learning.
In the light of the proliferation of devices, the category could very well soon include things like drones and satellites that will also require cyber protection. Find out more about this topic by watching the following presentation on finding a Practical Approach to End Point Protection and end2end Encryption for Space and Drone Applications.
For a perspective on endpoint protection where there is already a clear and pressing need, have a look at this presentation on Endpoint Security in US Pharma Supply Chain.
And for a vendor’s perspective on the endpoint security challenge and one way of tackling it at scale, watch this presentation entitled: BigFix - Manage Every Endpoint, including employee-owned devices (BYOD).
Our analysts have blogged on various aspects of endpoint security, including how it is changing and how organizations can take a strategic approach.
For a concise discussion on these topics, have a look at this blog post on The Evolution of Endpoint Security: Beyond Anti-Malware and this blog post that considers: What is XDR?
The importance of protecting internet-facing endpoints is considered in the blog post entitled: Microsoft’s Threat Intelligence Play is Good News for Customers in Fight Against Ransomware.
A focus on BYOD can be found in this blog post entitled: Be prepared for BYOD, this blog post on Doing BYOD right, and this blog post which addresses the question: How can IT keep a grip on mobile devices?
For an up-to-date perspective on BYOD in the context of modern business IT environments, have a look at this blog post entitled: CIO Advice: How to Make Your Digital Business Fly.
KuppingerCole Analysts’ research is largely aimed at helping organizations to orientate themselves to current business challenges and the information technologies that help address them.
The following Leadership Briefs are specifically aimed at helping to orientate organizations with regard to specific endpoint security product categories:
- Do I Need Endpoint Detection & Response (EDR)?
- The Differences Between Endpoint Protection (EPP) and Endpoint Detection & Response (EDR)
As mentioned earlier, endpoints are targeted because they represent potential network entry points for attackers for a range of attack types, including ransomware, which has rapidly evolved into one of the biggest cyber threats to organizations. For a perspective on endpoint security in the context of ransomware attacks, have a look at this Leadership Brief on Defending Against Ransomware.
Operational technology (OT) has become increasingly connected to IT infrastructure and linked to the corporate network to enable remote maintenance, but OT endpoints are often overlooked as potential entry points for cyber attackers and they are inadequately protected. To ensure you understand the risks and ways of mitigating them, have a look at this Leadership Brief entitled: How to get a Grip on OT Cybersecurity.
For a perspective on endpoint security within the wider context of information protection, have a look at this series of Leadership Briefs:
- Introduction to the Information Protection Life Cycle and Framework
- The Information Protection Life Cycle and Framework: Monitor and Detect
- The Information Protection Life Cycle and Framework: Deceive
Because endpoints increasingly include employee-owned devices, it is essential that organizations are able to manage and secure these devices that are connecting to the network. For an overview of the topic and recommendations on securing these devices, have a look at this Advisory Note on BYOD.
Endpoint security has been touched on in several webinars. Review the list below and choose those that best meet your needs or interests:
- Adding Certainty to Your Cyber-Attack Detection Capabilities
- Effective Endpoint Security With Automatic Detection and Response Solutions
- Endpoint Protection Made Easy With Privilege Management
- Modern Endpoint Protection - Automating Prevention, Detection, and Response
- Remote Workforce: How to Protect Yourself From Emerging Threats?
- A Fresh Look at the Business Value of PAM in the Work-From-Anywhere World
Our analysts have written reports on various cybersecurity market segments aimed at helping organizations find the solutions that best meet their needs. The most relevant in terms of dealing with endpoint security are the Leadership Compasses on Enterprise Endpoint Security: Anti-Malware Solutions, Unified Endpoint Management, and Network Detection and Response.
Also have a look at the Market Compasses on Endpoint Protection, Detection, and Response and Digital Workplace Delivery Platforms, which includes advice on BYOD. And for a perspective on endpoint privilege management, have a look at the Leadership Compass on Privileged Access Management.
To help prepare your organization to conduct RFIs and RFPs for endpoint security technologies, have a look at the Buyers Compass reports on:
- Unified Endpoint Management
- Endpoint Detection & Response (EDR)
- Endpoint Protection
- Privileged Access Management
- Buyer’s Guide: Ransomware Protection
In addition to the Leadership Compass reports mentioned above, organizations investing in technologies to improve their endpoint security can have a look at some of the related technology solutions that we have evaluated:
- Nucleon Smart Endpoint
- BeyondTrust Endpoint Privilege Management
- Elastic Security
- Illusive Platform
- ManageEngine Log360
- Keyless Biometric Authentication
- SentinelOne Singularity Platform
- Sophos Intercept X
- Vectra Cognito
- ESET Enterprise Inspector
- F-Secure Rapid Detection & Response
- IBM MaaS360 with Watson
- ESET Endpoint Security
- AirWatch and Bring Your Own Device