An expanding estate of end point devices across a range of operating systems and platforms, particularly as enterprise applications and data become mobile, is making security increasingly difficult to maintain. Security vendors, however, are bringing more capabilities to end point solutions to fight the war on hackers.
With some of today's biggest security threats coming in the form of cyber crime, businesses of all sizes need to be aware of the dangers and make sure their entire business is secure. Financial institutions, along with insurance and real estate, are the second most targeted sector according to the Internet Security Threat Report (ISTR), receiving 19% of all attacks in 2012, but SMEs shouldn't be complacent as the same report noted that small businesses were the target of 31% of all attacks worldwide that year.
But across all organisations it appears that consistently weak areas in the business are end points. Vendors are responding to this by educating organisations on the risks and providing ever-evolving end point security solutions.
"In the past few years we have seen new challenges including the massive shift from desktops to laptops, which added the pressure on data loss/leakage prevention security projects, with more demands such as full HDD encryption and mobile data protection," notes
Then, of course, there has been the rise of BYOD.
"With the increase in mobility and a mobile workforce, it is even more important for users to be aware of the dangers," notes Bulent Teksoz, chief security strategist,
"Currently, according to the 2013 Norton Report, half of smartphone users in the
Throw in the fact that some users are also shifting to virtualised environments and you can see another issue vendors have faced — a need to support and secure a wider variety of operating systems. But they have risen to the challenge with end point security solutions becoming far more sophisticated, with integrated encryption solutions and even data loss prevention modules.
"They have expanded far beyond just having updated malware signature files to incorporate features such as white listing or even behavioural patterns," notes
ESET's channel marketing manager
"Since data can also be leaked when the device is lost, the anti-theft feature is also a vital part of this solution. This built-in feature tracks missing devices and lets the admin stay in control of sensitive data. Through a single SMS command, it's possible to remove all sensitive information including contacts, messages and memory card data. Furthermore, if an unauthorised SIM card is inserted in the smartphone, a message containing the card's phone number, IMSI, and IMEI will be sent to a predefined number."
Most of the players on the market are now working hard to become better at handling advanced persistent threats and advanced malware. Solutions for such types of malware have traditionally been on the network side, but more of this is now making its way to the end point.
"Looking at the more classic advanced persistent threats and malware, there is no doubt that the vendors have their eyes set on the end point and I think we will start to see them release end point clients in the near future or possibly, integrate closer with the vendors that are already well set in this domain," notes Nicolai Solling, director of Technology Services at
As well as providing vulnerability management tools, network access control and SSL solutions, vendors are also looking into new and improved ways to beat zero day and unknown threats.
Users need to be aware of an important issue, however: vendors provide the ability to have full end point security, but if the solution isn't set up correctly you may not be fully secure. IT managers must make sure they're fully involved in the process so that they have the correct set-up in place and understand the full abilities open to them.
"Most decent end point protection vendors will allow control and protection if the solution is tuned correctly. Unfortunately we quite often experience that the settings on an end point protection are not performed well enough to ensure proper protection," Solling explains. "Quite often this is the fault of the systems integrator as it is their responsibility to ensure not only the successful implementation and proper tuning of the solution, but also to make sure that the customer is fully aware of all the features."
Once an end point solution is in place, IT departments want advanced remote management tools that help to manage end point devices, and usability is key for any security solution too.
"Solutions need to work, need to integrate into the business and also be easy to use so that admins can concentrate on collecting information to protect business assets," highlights
The vendors' response has been to make solutions that are easier for administrators to manage, such as end point security suites rather than single point solutions. These are designed to get updates easily and to integrate with existing infrastructure.
"In many cases, though the solution may indeed be capable of meeting the organisation's security needs, the complexity of its interface prevents administrators from utilising and accessing the required features," says Alizadeh. "We have found that providing a centralised management console is a great way for IT managers to easily manage the security of their entire organisation's network from a single point."
A number of different reporting capabilities are now on offer too. These include logs, vulnerability assessment tools, risk monitoring solutions and network access controls. Many vendors offer customisable reporting solutions that allow the users to get the information they specifically require for their responsibilities.
"IT administrators are interested in technical, deep-dive reports, while executives want a high-level security posture report. In addition, reports should be accessible and readable across multiple platforms," Teksoz notes.
"Most solutions come with their own reporting tools; however, we also often integrate solutions into security information and event management (SIEM) environments, which allows the customer to have one holistic view of what is going on from a security perspective in their environment," says Solling.
"I personally believe both will coexist for a long time," says Al-Bokhary. "Organisations with large, centralised offices will most likely continue with on-site management of end point protection solutions, even for their mobile users. On the other hand, organisations which depend on distributed offices or service locations have already started mobilising towards cloud solutions, and security-as-a-service is no stranger to this shift," he notes.
What is definite, however, is that the sector will continue to expand, adding improved solutions.
"I believe we will see a classical disruption technology theory happening, as new resources become available via innovation, we will see easier ways to stay secure, detect suspicious activities and also clean up threats," Haubrich notes. "People and traditional end points will still be with us for quite some time, it will however lead to some changes like incorporating both. It's an exciting time to be in the security field!"