Endpoint security
Endpoint security or endpoint protection is an approach to the protection of computer networks that are remotely bridged to client devices. The connection of endpoint devices such as laptops, tablets, mobile phones, Internet-of-things devices, and other wireless devices to corporate networks creates attack paths for security threats.[1][2] Endpoint security attempts to ensure that such devices follow a definite level of compliance to standards.[3]
The endpoint security space has evolved during the 2010s away from limited antivirus software and into a more advanced, comprehensive defense. This includes next-generation antivirus, threat detection, investigation, and response, device management, data leak protection (DLP), and other considerations to face evolving threats.
Corporate network security
Endpoint security management is a software approach that helps to identify and manage the users' computer and data access over a corporate network.[4][5] This allows the network administrator to restrict the use of sensitive data as well as certain website access to specific users, to maintain, and comply with the organization's policies and standards. The components involved in aligning the endpoint security management systems include a virtual private network (VPN) client, an operating system and an updated endpoint agent.[6] Computer devices that are not in compliance with the organization's policy are provisioned with limited access to a virtual LAN.[7] Encrypting data on endpoints, and removable storage devices help to protect against data leaks.[8]
Client and server model
Endpoint security systems operate on a client-server model, with the security program controlled by a centrally managed host server pinned with a client program that is installed on all the network drives.[9][10] There is another model called software as a service (SaaS), where the security programs and the host server are maintained remotely by the merchant. In the payment card industry, the contribution from both the delivery models is that the server program verifies and authenticates the user login credentials and performs a device scan to check if it complies with designated corporate security standards prior to permitting network access.[11][12]
In addition to protecting an organization's endpoints from potential threats, endpoint security allows IT admins to monitor operation functions and data backup strategies.[13]
Endpoint protection platforms
An endpoint protection platform (EPP) is a solution deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.[14] Several vendors produce systems converging EPP systems with endpoint detection and response (EDR) platforms – systems focused on threat detection, response, and unified monitoring.[15]
See also
References
- "Endpoint security management overview". Retrieved July 22, 2015.
- "What is endpoint security and how does it work?". Retrieved August 21, 2015.
- "What is endpoint security?". Retrieved July 22, 2015.
- "What is endpoint security? - Palo Alto Networks".
- "Endpoint security & network protection". Retrieved October 7, 2015.
- "Endpoint security standard". October 7, 2015.
- Endpoint security and compliance management design guide. Redbooks. October 7, 2015.
- "What is Endpoint Security?". Forcepoint. August 9, 2018. Retrieved August 14, 2019.
- "Centrally managed host server". Microsoft. October 7, 2015.
- "Client-server security". Exforsys.
- "mobile devices especially vulnerable".
- "PCI and Data Security Standard" (pdf). October 7, 2015.
- "12 essential features of advanced endpoint security tools". SearchSecurity. Retrieved August 14, 2019.
- Inc, Gartner. "Definition of Endpoint Protection Platform". Gartner. Retrieved September 2, 2021.
{{cite web}}
:|last=
has generic name (help) - Gartner (August 20, 2019). "Magic Quadrant for Endpoint Protection Platforms". Retrieved November 22, 2019.