Endpoint Device

An endpoint device is a LAN- or WAN-connected hardware device that communicates across a network. Broadly speaking, the term can refer to any network connected device: desktop computers, laptops, smartphones, tablets, printers, or other specialized hardware like POS terminals or retail kiosks, that act as a user endpoint in a distributed network. The term is more specifically applies to Internet-connected hardware found on a TCP/IP network.

One of the biggest issues with endpoint devices involves comprehensive security for a network or enterprise system. Security managers must determine whether various endpoint devices could be security gaps for a network — that is, whether unauthorized users can access an endpoint device and use it to pull off important or sensitive data.

Endpoint device security challenges

A policy-based approach to network protection is paramount when safeguarding a network. The policy should require endpoint devices to meet specific criteria before being granted access to network resources. Security architecture is designed to handle endpoint devices in order to safeguard the data assets accessed through these systems.

Companies that allow employees to bring their own device, as in laptops or smartphones, frequently face endpoint device security issues. Without a well-considered bring your own device (BYOD) policy, employee-owned devices may compromise the security of company information, or of the network.

Organizations believe that close to 45% of corporate data is held on endpoint devices. These laptops, tablets and smartphones pose a huge risk to data security.

The industry-wide growth of endpoint device exposure means that it’s easier than ever for data to be put at risk. Each time an employee connects over public WiFi, downloads a suspicious app, or is targeted by a phishing scam, the risk is amplified.

This is especially important because endpoint devices not only expose their data to possible seizure, they also serve as a potential conduit for a network wide breach of security.

Endpoint device weaknesses

Security policies, especially as they relate to BYOD protections, are an essential part of protecting endpoint devices from being exposed to attack. But the largest contributor to vulnerability is the quality of training and awareness given to employees. Bad habits can have a serious effect on the integrity of a secure network:

• Lost or improperly decommissioned devices: Employees who lose devices that are connected to the company network may expose that network to attacks.
• Poor adoption of security updates: Out-of-date operating systems and applications can lead to any number of vulnerabilities within a device that has been given access to sensitive company information.
• Employees switching encryption off/on: people are more likely to adjust the security controls on devices they own, and will rework settings to suit their needs. This can lead to unwanted access points.

With a proactive, always on’ technology, IT can avoid these types of issues, while maintaining compliance and mitigating risk.

Managing endpoint device security

Traditionally, endpoint security systems are built on the framework of a client-server model. The security program is managed by a central server that controls the client program installed on all network drives. More recently, with the increasing adoption of software as a service platforms (SaaS), the program and host server are both managed remotely by the SaaS provider. This business model gives organizations a chance to lower costs while ensuring constant updates to security parameters.