Organizations should select security products that provide superior value in terms of both monetary cost and their security effectiveness. This effectiveness is measured by the technology’s ability to, at a minimum, deliver on these three core capabilities:
Does the technology deliver on the security function it is intended to perform?
Two primary attack vectors are used to compromise endpoints: malicious executables (malware) and vulnerability exploits. Effective endpoint security technology or products must prevent malware and exploits from compromising endpoints and servers. They must also prevent known and unknown variants of malware and exploits.
Does it prevent attackers and users from bypassing its security functions?
No security tool or technology is built to be easily bypassed. If attackers or end users are able to circumvent the technology’s intended function, then it is not serving its ultimate purpose. An effective endpoint security platform should neither allow attackers to bypass security nor cause performance issues that would lead users to disable it.
Does it evolve to accommodate and protect new applications, systems and platforms?
Several decades ago, the frequency and sophistication of cyberattacks were low. Endpoint security tools were designed to prevent viruses from infecting systems. Today’s threat landscape is radically different, however, and has relegated endpoint security tools, such as antivirus, to reactive detection and response tools. Security products need to adopt a proactive approach to adequately secure endpoints. To reduce the frequency and impact of cyber breaches, there needs to be a focus on prevention.
Organizations should select security products that deliver meaningful security value as measured by the effectiveness of the products’ ability to meet the three above requirements. To learn more about the effectiveness of endpoint security and what an effective endpoint security solution must do, read the Protect Yourself From Antivirus whitepaper.