First we’ll start with a definition of what an Endpoint actually is: a network-connected computing device. Quite broad, yes; in practice this can be (among other things):
- Servers (including virtual machines)
- Network infrastructure (firewalls, switches, etc.)
- Smart Phone(s)
- Smart Device(s), be it a Fish-Tank or a Fridge
We often use the analogy of a Castle, as do the National Cyber Security Centre: if a single door (or back-door) is left unwatched and unguarded, who’s to say our castle won’t be breached – or hasn’t already been breached? Because of the interconnected nature of modern computer systems we must secure each individual endpoint, otherwise one of these ‘things’ could prove to be the door an attacker uses to enter our Keep.
How can you consistently secure such a broad range of devices, where each of them poses a significant risk to the business when left alone? The answer is rather philosophical: Zero-Trust.
For an exploration of what Zero-Trust is we would strongly advise looking at WatchGuard’s definition: this security model assumes nothing is to be trusted, regardless of its relationship with a company network.
A little paranoid, but we would fear for the organisation where IT Systems are treated as an irrefutable panacea. Zero-Trust means that your hardware and software are treated as a transmission vector for a cyberattack even when you believe everything is in working order, and that cybersecurity is broadly the responsibility of every person in the organisation, facilitated by using effective technology.
Moving on to the technology, we do as ever have our favourites, as explored in our article on Common Vulnerabilities and Errors:
- OPSWAT have a ‘Trust No File, Trust No Device’ approach to Endpoint Security, which in practice means every IT System is routinely checked for newly discovered vulnerabilities. They provide a patented technology that uses up to 32 engines for scanning, meaning you can use your favourite AV alongside other world-leading engines.
- WatchGuard have a similar approach, using an advanced solution that has never failed to protect against malware since its inception in 2015. A 100% track record becomes increasingly difficult to sustain as time passes, which speaks volumes on how effective their Endpoint Security solution is.
Trial versions are available if you just want to play with the above technology and see if you like it.
Every organisation needs to adopt a methodology to sustain effective Endpoint Security: everything which interacts with our IT Systems is an endpoint, and each one is a gateway through which malware can attempt to break into IT Systems.
Many attackers are using pre-configured solutions that are ready from day one to do damage to us, sometimes originally intended for government use alone, and so we need effective gatekeepers to protect us and report back on those malignant attempts to do us harm. This is why Zero-Trust is so central to Endpoint Security.