Endpoint security is a generic term referencing a security-centric software application running on endpoint devices such as PCs, servers, tablets and smartphones.
Back in the day, endpoint security products were often called antivirus software, which was designed to identify and block malware from infiltrating an endpoint. While antivirus was a critical component of any enterprise security program years ago, it's no longer considered strong enough to battle today's threats alone -- especially in enterprise IT environments.
Leaving the antivirus name behind because they encompass so much more than mitigating malware, modern endpoint security applications today are often referred to as endpoint protection. Endpoint protection includes traditional antivirus capabilities, but it also offers more advanced endpoint security features to take on modern data security threats.
Modern endpoint protection features available in software today include:
- Encryption -- Data at rest and in motion is encrypted so others cannot access or manipulate it.
- Access to cloud-based threat intelligence -- Enterprises can receive real-time updates from a global network of security analysts identifying and helping block emerging threats.
- Data loss prevention -- An endpoint security feature that flags, notifies and blocks the transmission of sensitive data outside the control of the organization.
- Application whitelisting -- This allows only specific applications and services to run on the endpoint operating system.
- Role-based access control -- A feature to grant or deny access to specific files or applications based on the role a logged-in user is assigned.
- Behavior-based access control -- This places users into a lockdown or limited-access mode from an endpoint when the tasks performed on the device go outside a "normal" threshold based on machine learning baselines.
- Centralized cloud management -- This involves security administrators having the ability to add or modify the enterprise endpoint protection policy and have it update devices located on the corporate LAN or over the internet.
- Integrations with other security tools -- This important endpoint security feature enables the software to communicate and share information with other security components, such as firewalls, intrusion prevention systems and security monitoring platforms.
As you can see, endpoint security has come a long way from the antivirus of old. It's a constantly evolving product that remains highly relevant today and likely will well into the future.
Dig Deeper on Network security
Related Q&A from Andrew Froehlich
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
SMS is being supplanted by RCS to let carriers compete against WhatsApp and Messenger and open new avenues to business messaging. Learn the ... Continue Reading
Networking describes how devices interconnect to share resources with each other. Telecom, which includes networking, broadly refers to the exchange ... Continue Reading