Friday, February 24, 2012

Endpoint Security

I recently gave a presentation at the Next Generation Security Summit in Atlanta, GA, on the topic of endpoint protection. I took the approach that endpoints are more than just desktop PCs these days. There is probably some debate on just what defines an endpoint.

Traditionally, the endpoint was the user workstation. Remember back in the early 1990s, when we started giving end users their own computers on their desks, to replace dumb terminals. I think the term “endpoint protection” actually evolved from the model of protecting computers with antivirus, delivered and updated by floppy disks.
We started to see threats increase ten years ago, when more employees started taking laptops home and connecting them to the Internet, and when we switched from dial-up modems to high-bandwidth VPN connections to our wide-open internal corporate networks.

Today, the risk is even greater, and the endpoints are more varied. I don’t think we can just think of Endpoint Security as a desktop security suite. We need to look at all resources that are used for data processing and storage, and we need to move our concern from one use case, to a broader definition that addresses security more holistically.

It is certainly good to be concerned about hardening desktops, but we operate in a more diverse environment, with an enterprise that extends into the cloud, with many different business access needs to address. Therefore, risk is coming at us from all directions and we need to look more holistically at risk management by better protecting the endpoints where our data resides, and one threat to mitigate is going to be the way the data is accessed. We need to do more than just put AV on our computers and call that endpoint protection. We need to focus our resources on the things that are most precious to the business. We do that first by understanding business need. Endpoint protection is a means to an end. We ultimately want to protect intellectual property, sensitive data and PII, and protect the brand.

I tried to get across the point that endpoint protection needs to be a combination of things, emphasizing the efficacy of layers and security in depth that is more targeted and focused on what is important to protect. This is a work in progress, but I hope you find my slide deck interesting and perhaps even useful in thinking about the problem.

