Endpoint security is a generic term referencing a security-centric software application running on endpoint devices such as PCs, servers, tablets and smartphones.
Back in the day, endpoint security products were often called antivirus software, which was designed to identify and block malware from infiltrating an endpoint. While antivirus was a critical component of any enterprise security program years ago, it's no longer considered strong enough to battle today's threats alone -- especially in enterprise IT environments.
Leaving the antivirus name behind because they encompass so much more than mitigating malware, modern endpoint security applications today are often referred to as endpoint protection. Endpoint protection includes traditional antivirus capabilities, but it also offers more advanced endpoint security features to take on modern data security threats.
Modern endpoint protection features available in software today include:
- Encryption -- Data at rest and in motion is encrypted so others cannot access or manipulate it.
- Access to cloud-based threat intelligence -- Enterprises can receive real-time updates from a global network of security analysts identifying and helping block emerging threats.
- Data loss prevention -- An endpoint security feature that flags, notifies and blocks the transmission of sensitive data outside the control of the organization.
- Application whitelisting -- This allows only specific applications and services to run on the endpoint operating system.
- Role-based access control -- A feature to grant or deny access to specific files or applications based on the role a logged-in user is assigned.
- Behavior-based access control -- This places users into a lockdown or limited-access mode from an endpoint when the tasks performed on the device go outside a "normal" threshold based on machine learning baselines.
- Centralized cloud management -- This involves security administrators having the ability to add or modify the enterprise endpoint protection policy and have it update devices located on the corporate LAN or over the internet.
- Integrations with other security tools -- This important endpoint security feature enables the software to communicate and share information with other security components, such as firewalls, intrusion prevention systems and security monitoring platforms.
As you can see, endpoint security has come a long way from the antivirus of old. It's a constantly evolving product that remains highly relevant today and likely will well into the future.
Dig Deeper on Endpoint protection and client security
Related Q&A from Andrew Froehlich
Migrating to UCaaS doesn't mean organizations need to leave legacy hardware behind. But organizations must ensure UC devices are compatible with ... Continue Reading
Cost, complexity and interoperability issues with existing network components are some of the weaknesses of SD-WAN that organizations need to ... Continue Reading
A migration from WPA2 to WPA3 is not simple. Organizations may need to update their hardware extensively to accommodate the newer Wi-Fi encryption ... Continue Reading