Endpoint security is a generic term referencing a security-centric software application running on endpoint devices such as PCs, servers, tablets and smartphones.
Back in the day, endpoint security products were often called antivirus software, which was designed to identify and block malware from infiltrating an endpoint. While antivirus was a critical component of any enterprise security program years ago, it's no longer considered strong enough to battle today's threats alone -- especially in enterprise IT environments.
Leaving the antivirus name behind because they encompass so much more than mitigating malware, modern endpoint security applications today are often referred to as endpoint protection. Endpoint protection includes traditional antivirus capabilities, but it also offers more advanced endpoint security features to take on modern data security threats.
Modern endpoint protection features available in software today include:
- Encryption -- Data at rest and in motion is encrypted so others cannot access or manipulate it.
- Access to cloud-based threat intelligence -- Enterprises can receive real-time updates from a global network of security analysts identifying and helping block emerging threats.
- Data loss prevention -- An endpoint security feature that flags, notifies and blocks the transmission of sensitive data outside the control of the organization.
- Application whitelisting -- This allows only specific applications and services to run on the endpoint operating system.
- Role-based access control -- A feature to grant or deny access to specific files or applications based on the role a logged-in user is assigned.
- Behavior-based access control -- This places users into a lockdown or limited-access mode from an endpoint when the tasks performed on the device go outside a "normal" threshold based on machine learning baselines.
- Centralized cloud management -- This involves security administrators having the ability to add or modify the enterprise endpoint protection policy and have it update devices located on the corporate LAN or over the internet.
- Integrations with other security tools -- This important endpoint security feature enables the software to communicate and share information with other security components, such as firewalls, intrusion prevention systems and security monitoring platforms.
As you can see, endpoint security has come a long way from the antivirus of old. It's a constantly evolving product that remains highly relevant today and likely will well into the future.
Dig Deeper on Endpoint protection and client security
Related Q&A from Andrew Froehlich
An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. What are some of the issues that ... Continue Reading
The network edge is where an enterprise network connects to third-party network services. Edge computing is a distributed architecture that processes... Continue Reading
PAP uses a two-way handshake to authenticate client sessions, while CHAP uses a three-way handshake. Both authentication processes are common, but ... Continue Reading