RealTime IT News

What is Endpoint Security?

Endpoint security is something that many IT professionals think they have, though few can agree on what it is.

According to a recent study by research firm IDC, the confusion over endpoint security is leaving enterprises open to attack from destructive malicious sources. Almost 65 percent of respondents to the survey indicated they have an endpoint security solution in place.

Allan Carey, program manager of security and business continuity services at IDC, said survey participants' definitions of endpoint security ranged from secure devices to firewalls and security policies.

"One of the most surprising findings was the amount of confusion over what endpoint security means," Carey told internetnews.com. "Depending on their perspective, IT or business, endpoint security took on different flavors of how to control the issue."

IDC defines endpoint security as centrally managed client security and likened it to a 21st century digitized watchdog protecting users from "a cesspool squirming with destructive technological deviants."

But security vendor Check Point, which owns personal firewall application vendor Zone Labs, has a related but somewhat different definition.

Rich Weiss, Check Point director of endpoint product marketing, explained that the term "endpoint security" means centrally managed personal firewall-based security and that it was popularized by Zone Labs in 2001.

"More recently, the term has become so popular that others are putting their own spin on it, and some organizations such as IDC include anti-virus in the definition," Weiss told internetnews.com. "However, we believe that personal firewall-based security and anti-virus are still distinct markets. The original definition of endpoint security created by Zone Labs is still valid."

Network risks have changed since 2001, though, and Check Point has expanded its definition.

"To meet the definition of a complete endpoint security solution today, a product must have a mature, proven network access control capability," Weiss said.

Check Point fewer than 50 percent penetration of endpoint security doesn't gel with IDC's, which stands at 64. Weiss said this is likely due to the different definitions.

"Considering that the penetration of antivirus in enterprises is virtually 100 percent, IDC's numbers make sense if you mix them with pure endpoint security adoption rates," Weiss explained.

"We agree that anti-virus is effective at addressing threats that have been in the wild for a while. Endpoint security is an essential adjunct because it defeats attacks preemptively, before updated anti-virus signatures are available."

Based on Check Point's definition, Weiss noted that a single solution could provide all the preemptive protections that make for a best-of-breed endpoint security solution.

"Anti-virus is still a separate purchase decision for the large majority of customers according to our research and that of most industry analysts," Weiss said. "If you include anti-virus in the definition of endpoint security, then there are two solutions needed at the PC level."

IDC's research however would seem to indicate that users are looking for more than just one device or solution to handle their endpoint security.

"Organizations voiced their concern for point products trying to solve the problem, when a more comprehensive solution is required consisting of processes, policies and end-user awareness, in addition to technology," IDC's Carey said. "Therefore, there is no one product or device that can solve the endpoint security problem."