Endpoint Protection is Transforming. Are You Ready?

Oliver Sears

Mobile devices are becoming more and more popular, with forecasts suggesting that by 2020 there will be around 6.58 network-connected devices per person. This results in an increase in the number of devices that are lost or stolen. For enterprises that allow their employees to connect these devices to their network, a lost or stolen device can translate into a huge loss of data, which may or may not be sensitive. It is vital that enterprises secure the data on these mobile devices (endpoints) so that even if a device falls into the wrong hands, the data is still protected.

The susceptibility of endpoints to a huge range of different threats (such as viruses, malware and DDoS attacks) makes them a perfect target for malicious actors looking to gain unauthorized access to networks.

Endpoint Protection

Endpoint Protection is the approach of securing a business’ whole network that is remotely accessed by laptops, tablets or other such wireless devices. Whilst an Endpoint Protection Platform (EPP), with its anti-virus, anti-malware and firewall components, provides crucial elements of endpoint security, there is a misconception that those elements alone provide adequate protection for network endpoints. They don’t. A traditional EPP is fundamentally preventative, and mostly relies on identifying threats by matching known file signatures created for newly discovered threats.

Endpoint Security refers to an on-premise solution that is installed on the network, while SaaS cloud-based solutions are referred to as Endpoint Protection.

Enter EDR 

Endpoint Detection and Response (EDR) platforms combine next-gen antivirus with additional tools to provide real-time detection, identification and response to threats, vastly increasing threat visibility beyond that of an EPP.

Back in 2013, Gartner’s Anton Chuvakin coined the term Endpoint Threat Detection and Response (ETDR), since shortened to Endpoint Detection and Response (EDR).

Main Benefits of EDR

  • Recording of context-rich endpoint event and state information.
  • Option to store collected data on endpoints themselves, centralized servers, the cloud or as a hybrid of these.
  • Data retention periods can support the operational needs of different organizations.
  • Ability to search collected data to identify issues on one or many endpoints at a time.
  • Currently available solutions appeal to a broad segment of organizations with differing technical abilities.

Source: Gartner

Moving to the Cloud

A recent Gartner report claims that “The endpoint protection market is undergoing its biggest transformation in the last 20 years.” Gartner is also advising that “Security and risk management leaders should re-evaluate their current solutions and plan a path to more adaptive, cloud-delivered solutions.”

Gartner also highlighted the Top Impacts and Recommendations for Security and Risk Management Leaders:

So if you have an on-premise solution, now is the time to start reviewing it and preparing your roadmap for a move to the cloud.

Read more on the first cloud-native endpoint protection platform that unifies technologies, intelligence and expertise into one easy solution. Contact us or call us on 0845 625 9025 to discuss your EDR requirements.