Considerations for Effective Endpoint Security

As BYOD continues to grow in popularity, organizations will have to focus more resources on the protection of endpoint devices and the associated risks those devices bring with them. When trying to choose the best set of endpoint security products for your company, there are several considerations you should keep in mind.

Remediation Doesn't Fix Lack of Real-time Protection

Targeting remote devices and endpoints has become so lucrative that cyber criminals are beginning to exploit the FYOD (Fix Your Own Device) trend as a way to infect devices. While Patch Management and whitelist application companies are taking different approaches when addressing this issue, they are both lacking the necessary security solutions for BYOD and partner endpoints. In order to fully protect endpoint devices, a comprehensive security solution is needed. Leaving endpoint devices unprotected is dangerous because it often provides an entry point for cyber criminals, giving them the necessary access and privileges needed to launch a sophisticated attack, similar to the breaches that happened at Target and Home Depot.

Finding a Comprehensive Solution

In order to fully protect endpoint devices, a comprehensive security solution is needed. Cisco's most recent Annual Security Report, covers the need for enterprise adoption of "Continuous Security," which provides context visibility, constant enforcement control and threat protection across the entire attack continuum. This idea of "Continuous Security" is something that our team at OPSWAT has done well for over a decade with OESIS, an endpoint security compliance and posture assessment SDK. OESIS is used by reputable security companies such as Cisco, F5, PaloAlto Networks and PulseSecure.

With OESIS, we started by providing companies with basic antivirus and firewall checks for remote devices, enabling them to block network connection depending on the status of those installed security applications. Over the years we have added support for 13 additional application types including encryption, firewall, antiphishing, patch management and many more. There is also an optional module in OESIS that leverages Metascan® Online's multi-scanning capabilities, allowing users to check files and IP addresses for threats.

Metascan Online leverages multi-scanning (multiple anti-malware engines) for more effective protection, as it's hard for a single antivirus engine to catch all emerging threats on its own. Fortunately, multi-scanning provides a comprehensive solution for finding cyber maleficence by using the power of multiple antivirus engines. With multi-scanning, OEMs (Original Equipment Manufacturers) become continuous security assessors and do a better job of enforcing network security by evaluating the contextual intelligence at a deeper level for the endpoint. This is great news for companies that want to be able to protect their assets by gaining control over endpoint devices that may expose them to future cyber-attacks.

No Silver Bullet — Is Antivirus Dead?

gray skull iconProtecting endpoints is no easy task, especially if a company has a large remote workforce. We all know that monitoring endpoints with only one antivirus engine does not provide comprehensive protection from cyber threats. In fact, the EPP (Endpoint Protection Platform) leader Symantec went as far as to publicly declare antivirus as dead. However, looking at Gartner's Magic Quadrant for Endpoint Protection Platforms, you realize that the case is just the opposite; EPP and antivirus are not dead, but are rather thriving in both the business and consumer markets. At OPSWAT, we are seeing parallels in Gartner's discussion about EPPs adding whitelisting, content security and MDM (Mobile Device Management) features. We have also seen continued and new interest from EPPs in adding our application removal technology, Gears, for Potentially Unwanted Applications (PUAs), vulnerability assessment, and patch management technologies from other companies to their arsenal of capabilities.

Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.