PCQuest : ITstrategy : Endpoint security issues

Endpoint security issues

Saturday, July 05, 2008

Technological innovations have simplified data storage and access problems largely. The adoption of technologies by businesses that drive them to higher planes is at an all time high. Nowadays, businesses are moving towards virtualization for seamless integration of data and saving costs and resources. Portable communication and storage devices are not only being adopted by the tech savvy executives, but have also become an integral part of the IT architecture.

Today's businesses demand for real time access to data spread across multiple sources has driven users to adapt and adopt the latest technologies. The use of such portable storage devices pose a huge security risk to networks at the End Points and securing these End Points has become a major area of concern for IT Security implementers in Corporate as well as Small and Medium Enterprises. To ensure security from all types of threats, enterprises need to incorporate measures that can provide complete protection from Internal as well as External threats. In such scenarios, the perimeter level security alone does not provide foolproof security to the network.

Business Enterprises are investing heavily in network and antivirus software, firewalls, emails, and Web content security in order to protect themselves from external threats at the network perimeter. Most solutions miss the importance of securing networks from internal threats. These internal threats are from the natives working within the enterprise. Security at both entry and the exit points of data allows preventing network security breaches from within the organization.

Out of the various security solutions available, very few address Endpoint concerns. The simplest forms of Endpoint security programs include firewalls or anti-virus software that can be distributed throughout the organization and then monitored and updated from a centralized point. As against the complex forms of Endpoint security solutions, a simpler solution should make use of Network Access Protocol (NAP), which authenticates a user before he/she uses any kind of data access device. It should work when a device tries to establish contact with the network. It should validate the user credentials followed by scanning the device. Once, it is convinced that the user meets the specified norms of the corporate security policies it allows access. The devices that are not relevant to the policies are given limited or denied access to the system.

Securing the Endpoints does guarantee the security of the network. It should be followed with implementing security policies at the organizational level. Lack of security policies in organizations, is the reason why news of customers data being leaked due to negligence at the security end has become an every day bulletin. Such types of breaches affect thousands of individuals leading to loss of intellectual and confidential data resulting in not only financial losses but also affects the trustworthiness of the enterprise. These enterprises range from financial institutions to BPOs, from where customer data is stored and accessed in large volumes. These vulnerabilities can be dealt with effectively if the security at the Endpoints is given top priority.

Necessity of endpoint security
When we talk about enterprises and their computing environment all the devices are considered endpoint devices. In such a scenario, today's IT environment has become vulnerable to threats that arise from internal as well as external sources. IT implementers today must give top priority to safeguard the Endpoints by creating policies that might curb such security breach instances as Endpoint is the most vulnerable node in the enterprise network. Protection of network resources has become virtually impossible with the number of people working from various locations and using a variety of devices. This is the reason why Endpoints have become potentially unsafe. The trend of demanding access to network resources from any location has become necessary for today's businesses. Here, enterprises need to focus on providing perimeter level security and protecting Endpoints, which will help minimize security issues.

Spam or junk mails have also become an area of concern today. These unsolicited emails hit the system in bulk quantities resulting in bandwidth loss, productivity loss and lay the ground for Phishing attacks to succeed. The need for a solution that has the ability to intelligently learn and classify emails by the behavioral pattern analysis of the users comes very handy.

Securing endpoints
Most of the companies today rely on Internet filtering programs, intrusion detection software, and firewalls, which prove to be useful only for protecting networks from outside threats. Today companies are facing major problems from threats at Endpoints. These Endpoints can be secured by making the right choice of technology and implanting certain policies, which will help minimize the security threats that arise due to use of portable storage devices. Similarly, the need to communicate with individuals globally has made Internet an integral part of businesses today. Use of Internet with negligence might affect your networks adversely.

Internet is a major source of virus, rootkits, adwares and spywares that are all set to infect the network the moment Internet is accessed. There are various companies in the market, that promise complete protection from all types of threats but only some manage to cope up to that level of protection. A technology needs to be developed at the WinSock Layer, which will prevent malicious content from entering the system well before it enters the application layer. This prevention method is better, than healing the system after it is infected.

In short, secure the network by securing the Endpoints too.

While enterprises plan to implement a new security technology for their networks, they should judge the past, present, and future threats before taking a step further. Such evaluation will help them to keep a pace at securing their networks from all types of advanced and upcoming threats. Therefore, it is in the best interest of Enterprises to think about the future and prepare themselves to safeguard their networks from security breaches.

Govind Rammurthy, CEO and Managing Director, MicroWorld

Page(s) 1




	The Right Way to Deploy Enterprise Security
	Fighting the Monster called Infrastructure Complexity
	The Key to Successful IT Project Management
	CIO Concerns and Resolutions for the New Year

Untitled 1

Download reports make multiple decisions

e-Book guide to improve your PPM Process

Complexicity or Simplicity - Choose

Magazine Subscription | RQS | Contact Us | Team PCQuest

	Other CyberMedia web sites [Dataquest] [Voice&Data] [CIOL] [Living Digital] [IDC India] [DQ Channels] [the DQweek] [CyberMedia India] [Cybermedia Careers] [CyberMedia Events] [Cybermedia Digital] [CyberAstro] [Global Services Media] [BioSpectrum] [BioSpectrum Asia] [Computer Shopper] [College Buying Guide] [Voice&DataConnect]