Endpoint Security Systems

By | May 9, 2006

The crumbling of network boundaries and the rapid growth in mobile computing has brought with it some serious questions of security and of control. In many cases, existing security programmes just cannot cope with the way mobile computing has developed. It presents a whole new set of security issues.

Some mobile users, even though using company equipment, may ignore security policy procedures normal within the network; or they simply may not have the skills or knowledge to make their mobile devices secure.

The problems that mobile users can encounter or bring back into the network include identity theft, spyware and viruses. They may install unauthorised software such as Macromedia, Google search bar, instant messaging (IM) or Skype. They may use peer-to-peer for music and film downloads, which has a range of legal and security implications.

Security drift is another issue. Anti-virus may not be updated, for example. This is particularly prevalent where machines are used by an employee´s family. With most users having administrator rights, it is easy for them to switch off personal firewalls, decline AV updates, etc. For devices outside the network, it is also often difficult to ensure that they are updated with security patches.

Then there are the better-known dangers of using wireless mobile. These include broadcasting log-ins, passwords and key company data; breaching data protection regulations; the illegal use of wireless bandwidth by others (with all the legal implications this entails); theft of personal information (including passwords); identity theft; and opening up the corporate network to data theft and financial fraud.

There are a number of solutions to these issues, but I am focussing on one in particular which brings back control of the mobile device to a company´s IT department – usually the owner of the device. This solution protects an organisation from the effects of use, misuse, negligence and abuse by users, which can include use by their families and sometimes even their friends.

Endpoint security (EPS) systems control the individual device accessing the network. They come in varying shapes and combinations, but basically they cover three elements: policy management; access rights; network protection.

Some solutions combine anti-virus with firewall technologies. Some combine intrusion prevention, standard firewall rules and application protection. Others focus on regulating the applications running on the system. A number also manage access rights based on the security status of the device – e.g. is the connection wireless?

EPS solutions can determine the policies that the remote/mobile connection device can be used for and apply these policies. Coupled with central management, they can also ensure that firewall, AV and security patches are used when they should be.

Many EPS solutions enable you to decide which level of access to provide, based on the current level of security of the user´s machine. This approach lets you reclaim management of your remote kit, decide what policies to implement, secure it, and protect your network.

Some products, such as Sky Recon´s Storm Shield, will allow you to determine the access right you give to users depending on where they´re connecting from (e.g. a wireless hotspot). Or you may control your access depending on the security status of the device. For example, you will probably want to restrict access for someone running a machine that hasn´t applied the latest patches.

You also need to consider the level of control you have over remote users. If staff or customers are connecting using their own machines, you will have a different level of control than if they´re using company equipment. In this case, access rights become a more important element than remote policy management.

With a range of solutions from companies such as Check Point, SkyRecon and Premeo, EPS is an increasingly important and popular route to securing and managing remote access to the network.

Leave a Reply