BYOD, cloud transform endpoint security

By Staff Writer, ITWeb
Johannesburg, 20 Aug 2013

Although for many years endpoint security solutions were targeted at desktop PCs and servers, the explosion of bring your own device (BYOD) and cloud computing has changed the notion of the endpoint and has shifted the focus from protecting devices to protecting the data itself.

This is the view of Jayson O'Reilly, director for sales and innovation at security solutions vendor DRS, who notes that it has long been known that technical departments need to invest in endpoint security technologies to defend against attacks where cyber criminals look to breach a company's infrastructure.

Endpoints are often the initial 'surface' where attacks and exploits occur, he says, adding that both the RSA breach and the notorious Google Aurora attack originated at a single compromised endpoint.

Today's corporate network perimeter is borderless, adds O'Reilly. Traditional endpoint solutions are proving inadequate weapons in the war against online crime. To keep their users properly protected and to secure the businesses' sensitive data, companies need remote access solutions that can give different users different access privileges based on what the device is and who has access to it, he explains.

Moreover, today's threats are bypassing traditional security measures like child's play, O'Reilly points out. Advanced persistent threats use multiple attack vectors and multiple stages to achieve their ends and most security measures can, at best, only secure a part of this chain, he adds.

He also states that security solutions need to meet these new challenges, which will require taking a holistic view of an organisation's specific security needs, adding that channel partners will need to work closely with their clients to understand their businesses and how they operate.

"Endpoint security solutions must offer layered protection that goes beyond signature-based detection only to include heuristic-based detection and polymorphic-based detection. Today's networks are exposed to threats from many different sources. Channel partners and resellers need to understand today's threat landscape to propose the proper solutions, so their clients are well protected," says O'Reilly.

O'Reilly says good endpoint solutions should offer a single point for security management and reporting and network access control that limits network access to only systems that comply with the security policies. "Solutions should also offer desktop and file server endpoint security."

He is of the view that desktop endpoint security should work in real time to identify, block, and safely eliminate potentially dangerous programmes.

"Host intrusion prevention should proactively monitor and block intrusions by combining signature and behavioural protection with a desktop firewall. Finally, e-mail server anti-spam and anti-virus need to watch over messaging servers with virus protection and content filtering to ensure the vast majority of spam is filtered out," he concludes.