The development and execution of an endpoint security strategy is an increasingly important and urgent issue for businesses of all sizes. Many are executing – or wanting to execute – flexible working practices and organisation models that leverage contemporary technology.
But wireless mobility, remote access, home working etc. are rarely supported by the established security infrastructures that were built on an assumption of static, wired PC user communities being the norm.
Multiple layers of network-centric, gateway security solutions are, of course, essential to the integrity of any modern business. But, on their own, they simply cannot provide enterprise-wide security and usage policy enforcement for modern distributed, flexible organisations.
And even when, for example in a static network environment, they can exercise a high level of control, they are unable to execute differentiated policies that reflect the highly variable mix of risks and operational requirements of multiple users groups.
So, if network-centric technologies can’t deliver, is the future of endpoint security for large organisations to be found in client-based technologies like desktop anti virus and personal firewall products? Yes and No!
Yes! It is obvious that only a client-based technology can exercise any kind of control and protection when a user is outside of the organisational ‘umbrella’.
No! Unless that technology: Can be defined, deployed, monitored and controlled only from its central management console; Can be disabled or modified neither by an outside attacker – nor by a user; Can deliver automatic ‘zero hour’ self-defence against new, unknown viruses and targeted attacks; Can be configured easily to execute appropriate policies that reflect the risks and operational requirements of each and every user group; Can recognise and block dangerous and unproductive usage; Can protect against information theft both through an outside attack and by users themselves; Can scale to manage thousands of users across multiple sites.
Generally, Endpoint Security (beyond anti virus) is perhaps the fastest growing recognised space in the IT security field – not least because it encompasses a growing multitude of sins and risks.
For many of the organisations now investing in a serious endpoint security strategy, the priority is to achieve what is often referred to as ‘Zero Hour’ protection against unknown viruses and targeted attacks. The business drivers are to guarantee continuous system availability for users – and to take the pressure off patch management when a new viruses is detected or a new hole in Microsoft Windows is discovered.
For others, the motivation is to address a specific risk such as information theft or inappropriate downloading: many organisations want protection for their uses; but they want protection from their users even more!
And sometimes it’s as part of a narrow initiative around remote access or mobile working. Because, in these situations, even if connection to corporate systems is tightly controlled, the vast majority of workstations are also used in completely uncontrolled and insecure environments. And often by friends and family who have no motivation for and/or understanding of what constitutes safe and appropriate use.
There are a growing number of ‘point solutions’ in the market today that address very specific endpoint threats – or that are aimed at enforcing very specific aspects of usage policy.
We believe that the future of endpoint security lies with those technologies that have a wide range of enforcement capabilities and comprise client-based intelligence that persists wherever and however a workstation is being used. Equally importantly, endpoint security must be something that is exclusively manageable from the centre – and capable of flexing in line with continuous, rapid, sometimes radical organisational and technological change.