Endpoint security is a generic term referencing a security-centric software application running on endpoint devices such as PCs, servers, tablets and smartphones.
Back in the day, endpoint security products were often called antivirus software, which was designed to identify and block malware from infiltrating an endpoint. While antivirus was a critical component of any enterprise security program years ago, it's no longer considered strong enough to battle today's threats alone -- especially in enterprise IT environments.
Leaving the antivirus name behind because they encompass so much more than mitigating malware, modern endpoint security applications today are often referred to as endpoint protection. Endpoint protection includes traditional antivirus capabilities, but it also offers more advanced endpoint security features to take on modern data security threats.
Modern endpoint protection features available in software today include:
- Encryption -- Data at rest and in motion is encrypted so others cannot access or manipulate it.
- Access to cloud-based threat intelligence -- Enterprises can receive real-time updates from a global network of security analysts identifying and helping block emerging threats.
- Data loss prevention -- An endpoint security feature that flags, notifies and blocks the transmission of sensitive data outside the control of the organization.
- Application whitelisting -- This allows only specific applications and services to run on the endpoint operating system.
- Role-based access control -- A feature to grant or deny access to specific files or applications based on the role a logged-in user is assigned.
- Behavior-based access control -- This places users into a lockdown or limited-access mode from an endpoint when the tasks performed on the device go outside a "normal" threshold based on machine learning baselines.
- Centralized cloud management -- This involves security administrators having the ability to add or modify the enterprise endpoint protection policy and have it update devices located on the corporate LAN or over the internet.
- Integrations with other security tools -- This important endpoint security feature enables the software to communicate and share information with other security components, such as firewalls, intrusion prevention systems and security monitoring platforms.
As you can see, endpoint security has come a long way from the antivirus of old. It's a constantly evolving product that remains highly relevant today and likely will well into the future.
Dig Deeper on Endpoint protection and client security
Related Q&A from Andrew Froehlich
Even though they have common traits, there is a difference between a Layer 3 switch and a router. Each plays a key role in making sure packets get ... Continue Reading
Unified communications interoperability is gaining more attention as more employees work from home. But, while some progress is being made, there is ... Continue Reading
Andrew Froehlich breaks down how authentication and identity management differ and how each of them are intrinsic to an identity and access ... Continue Reading