While endpoint security is hardly a new concept, it is becoming more complex in its application. Advanced endpoint protection (AEP) is the next evolution of protection for businesses in the war against cybercrime. However, most security professionals know that to be effective, security requires a multi-layered approach.
Remember the days when endpoint protection meant employing traditional anti-virus and anti-malware tools? Well, endpoint security has changed a lot since 1971, when the first computer virus, Creeper, infected mainframe computers across ARPANET. While nowhere near as insidious or malicious as some of the viruses, worms, or email phishing scams that plague our modern-day Internet, Creeper demonstrated that a program could replicate itself from one computer to another. With that discovery, a new threat to business and personal computing was born.
In a November 2017 announcement, the Ponemon Institute, a research center dedicated to privacy, data protection, and information security policy, released the results of a survey of 665 IT security professionals responsible for managing and reducing their organization’s security risk. In summarizing one of its findings, the institute said, “...we are in the midst of a significant shift in endpoint security.” Ponemon revealed the reason for this shift lies primarily in the nature of the attacks. Among the 54% of companies that were attacked, 77% of those attacks came from exploits or fileless techniques—things that businesses did not have to think about several years ago. Traditional anti-virus and anti-malware solutions lack the ability to handle these next-generation attacks.
Enter Advanced Endpoint Protection
Aside from pure mischief, the goal of any computer system attack is to compromise the target and gain access that results in the loss of or exposure of a resource or data. Despite multiple levels of protection, determined intruders will use myriad techniques to remain undetected and gain the access they seek.
An attacker must complete a sequence of events to steal information or run ransomware, and nearly every attack relies on compromising an endpoint. The job of advanced endpoint protection (AEP) is to disrupt an attack before it can compromise an endpoint. The best AEPs combine multiple methods of prevention. For example, Palo Alto Networks’® Traps™ blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise endpoints.
Gauging the Effectiveness of Advanced Endpoint Security
NSS Labs, an independent, fact-based cybersecurity guidance organization, tests advanced endpoint security solutions. In its testing, the company uses real threats and attack methods that exist in the wild and that are being used by cybercriminals and other threat actors. NSS Labs collects these threats from its global threat intelligence network.
According to NSS, an AEP product must be able to monitor, detect, and prevent threat-based activities continuously. It must also provide end-to-end visibility in the form of event logs generated by the endpoint product. Malware, exploits, and other threats each have unique characteristics. The best AEP products should be able to protect against a threat, regardless of the method of obfuscation.
Beyond security effectiveness (threat monitoring, detection, and protection), an advanced endpoint protection system should include other characteristics as well. For instance, the stability and reliability of the AEP can be critical. Regardless of your business type, having reliable, stable protection is vital, even if that’s just to protect customer lists or employee records. Cybercriminals don’t sleep, so always protect your business.
Total cost of ownership (TCO) is another area that needs to be considered. Multiple factors affect the overall cost of ownership including, but not limited to, deployment, maintenance, and upkeep. Generally, one looks at the total cost per protected agent. A good AEP should minimize cost and maximize value.
AEP is Only Part of An Effective Security
No business wants to be the next casualty of a malicious attack, and most are taking security very seriously. In fact, according to CSO, cybersecurity spending will rise to $1 trillion by 2021 to stem the rising tide of security breaches. The most cautious businesses know that there’s no one solution to this problem. Advanced endpoint protection is just the next evolution in the fight against cybercrime. However, when it is coupled with next-generation firewalls, good perimeter security, and other hardening measures, the effectiveness of breach management increases, and your company's overall security improves along with it.