Endpoint security describes the tools, products and techniques designed to protect users’ devices – such as desktop computers, laptops, smartphones and tablets – and ensure the security of individual access points to an organization’s network and sensitive data. The number of vulnerable entry points continues to grow as remote and mobile workers as well as bring-your-own-device policies become more commonplace, extending the protection perimeter. Any organization must ensure all internet-enabled devices with access to its internal data are protected against cyberattacks.
“Endpoint security” is often used interchangeably with “Endpoint Protection Platform,” or EPP, a term coined by Gartner. These platforms sit on endpoint devices and secure them against cyberattacks using a comprehensive approach to combat sophisticated malware.
EPPs use multiple techniques for prevention, including static analysis to evaluate potential malware based on file inspection, heuristic rules to block exploits, and behavioral analysis to evaluate whether files are malicious based on the functions they perform.
Endpoint detection and response, or EDR, tools have emerged as a complement to EPP tools, allowing security teams to investigate and mitigate threats their prevention tools may have missed. An endpoint security toolkit may also include technologies such as endpoint management (which includes asset, vulnerability, patch and mobile device management), encryption, data loss prevention, and identity and access management. These tools can be used alone or bundled with other EPP products for more comprehensive protection.
The best EPP offerings tend to be cloud-managed so endpoint activity can be monitored continuously and issues can be resolved automatically, regardless of the network to which the endpoint device is connected.
Key capabilities of an EPP: