Endpoint security has been a hot topic in the technology and corporate sectors for a few years. Especially with the emergence of bring-your-own-device practices, it has become even more critical to put safeguards in place to ensure the security of sensitive information.
Many challenges can creep up when it comes to endpoint security, including those connected with malware, untrained employees, and not having the proper protection measures in place. That’s why our security experts recently crafted a new browser interface for Powertech Exit Point Manager for IBM i, which can bolster an organization's endpoint security capabilities. Before we take a look at the new features, let's examine the current state of endpoint security in global businesses.
What is Endpoint Security?
Endpoint security is a network protection strategy that deploys certain standards to grant access to computing devices. Although some believe endpoint security is solely about the safeguards in place on the devices themselves, this is not the case.
According to TechTarget contributor Margaret Rouse, endpoint security techniques hinge on the use of a client/server system that centrally manages all access requests from the devices employees use, including PCs, smartphones, tablets, and laptops.
"When a client attempts to log onto the network, the server program validates user credentials and scans the device to make sure that it complies with defined corporate security policies before allowing access to the network," Rouse wrote.
These standards can include a range of specifications agreed upon by company decision makers, and will likely vary from business to business. However, endpoint security requirements often include checking for an approved operating system as well as the presence of updated virtual private network systems and anti-virus software. The main goal of endpoint security is to ensure that anyone attempting to access the network from a noncompliant device is unable to do so. This approach can combat cybercriminal attacks and infiltrations from other malicious groups or individuals.
Common Endpoint Security Techniques
Organizations can leverage a number of techniques and technologies as part of their endpoint security, including personal firewalls, individual credentials, or two-factor authentication and device- and network-level anti-virus software. As the threats to endpoint security continue to rise, businesses are bolstering their data protection with other intrusion detection strategies, Rouse noted. These can include the use of behavior-block and monitoring components that examine devices for actions typically carried out by rootkits to pinpoint an infection. However, the backbone of these processes is the central server that controls access to the network and the sensitive content present there.
"To allow access to the network, the server recognizes the device and lets it continue, therefore only recognized devices can access the server," noted Wikibon contributor Emma Brown.
The overarching goal of any endpoint security strategy is to keep a watchful eye on network activities, ensuring that devices that don't comply with the company's security requirements cannot gain access to its sensitive data.
Challenges to Endpoint Security: A Need for Increased Focus
Research has shown that a main challenge to the adoption of proper endpoint security in the corporate sector is the view that software is a cure-all solution. However, Network World contributor Jon Oltsik noted that while the endpoint security platform itself forms the foundation, the company must be willing to make organizational changes to support the technology as well.
Oltsik noted that within the past few years, endpoint security has become a "set it and forget it" system for many companies. Furthermore, research by Enterprise Strategy Group revealed that more than half—52 percent—of enterprises only have software in place in order to comply with regulatory requirements. However, in order to ensure proper protection—especially as the threat landscape continues to shift—company administrators and IT teams must boost their focus and the importance placed on endpoint security strategies.
"CISOs must take ownership of endpoint security and designate a group of specialists who own endpoint security controls as part of an overall responsibility for incident prevention, detection, and response," Oltsik wrote.
Challenges: Security Risks Rise, Budgets Remain the Same
Network Computing supported Oltsik's view that an increased focus on endpoint security is needed in the enterprise sector, noting that while data protection risks are on the rise, companies are not diverting enough resources to properly prevent them.
In fact, a recent Ponemon Institute study found that 71 percent of IT professionals agree that threats to individual mobile devices are now much harder to prevent. At the same time, though, 55 percent of organizations aren't planning to boost their endpoint security budgets to account for the rise in risk. Another 16 percent actually plan to decrease their spending on endpoint security strategies.
"Most organizations make endpoint security a top priority, but budgets lag behind," said Larry Ponemon, Ponemon Institute chairman and president. "It's one thing to say we have a problem, but it's another thing to allocate corporate resources."
According to the Ponemon study, endpoint security threats come in a range of different types, including those related to the use of mobile devices and third-party applications. Respondents also experienced risks with remote workers, personal computers, and employee negligence.
In order to provide the best protection for the company and its sensitive information, decision makers need to provide the required resources to bolster these safeguards. In addition, administrators should also ensure that employees understand their role in the protection approach and its critical importance.
A Better Solution is Needed
Endpoint security challenges demonstrate the need for a better solution to manage the devices attempting to access the network. This is where Powertech comes in, with our industry-leading Powertech Exit Point Manager for IBM i.
Exit Point Manager for IBM i enables company leaders to configure all the necessary network access standards in a streamlined manner, including those related to devices accessing the network remotely. The technology provides an easy and cost-effective way to prevent security breaches through the tracking, monitoring, and access control of corporate data. With its newly updated browser interface, users can leverage advanced filtering and search capabilities, while still connecting with the system's best-in-class dashboard.