Photo: quantrimang

Although antivirus, antispyware and other signature-based protection measures were sufficient to protect organisations in the past, small businesses now need proactive endpoint security measures that can protect against zero-day attacks and even unknown threats.

Raymond Goh, director of Systems Engineering for South Asia at Symantec, shared how to implement a comprehensive solution that will protect companies from all levels of threats and provide interoperability, seamless implementation and centralised management.

An endpoint is a server, desktop, laptop or notebook computer that connects to the corporate network.

Why should endpoints be protected?

Smal-to medium-sized enterprises (SMEs) today face targeted and financially motivated attacks that exploit vulnerabilities in endpoint devices. Many of these sophisticated threats can evade traditional security solutions, leaving companies vulnerable to data theft and manipulation, disruption of business-critical services and damage to corporate brand and reputation. To stay ahead of this emerging breed of stealthy and resilient security threats, SMEs must advance their endpoint protection.

Additionally, employees can pose a threat to the company. Whether intentionally or unintentionally, employees can introduce malicious applications onto the network through daily work habits.

How have endpoints traditionally been protected and managed?

While IT managers understand the importance of endpoint protection technologies, this often translates into making sure each endpoint has antivirus, antispyware, desktop firewall, intrusion prevention device control, and application control technology installed. Deploying these security products individually on each endpoint is time-consuming and increases IT complexity and costs. To manage all of this, SMEs need to provide training and support for a variety of different endpoint security solutions. This can lead to degradation in system performance due to competition for IT resources.

How does endpoint protection differ from antivirus or antispyware?

Antivirus and antispyware solutions generally employ traditional scan-based technologies to identify viruses, worms, Trojans, spyware and other malware on an endpoint device. Threats are detected by searching the system for files that match characteristics, or threat signatures, of a known threat. Once malware is detected on the system, the security application will seek to delete or quarantine malicious code to neutralise the threat.

The qualities and levels of protection provided by today’s antivirus and antispyware solutions vary. The most advanced solutions provide high levels of real-time protection against polymorphic threats and complex viruses, as well as superior rootkit detection and removal. Good endpoint protection solutions are compatible with a variety of operating systems and should be inter-operable with other essential endpoint security technologies.

What are some best practices that SMEs can implement to protect their endpoints?

The next-generation approach of endpoint protection combines essential security technologies to proactively deliver a significantly higher level of protection against known and unknown threats. The approach combines antivirus, antispyware and firewalls with advanced proactive protection technologies in a single deployable agent that can be administered from a central management console. Administrators can disable or enable any of the technologies based on their organisation’s particular needs.

What can endpoint protection and management offer to small businesses?

The new, next-generation approach to endpoint protection and management significantly lowers risk and increases confidence that business assets are protected. It also reduces administrative overhead and costs associated with managing multiple endpoint security products by providing this protection in a single agent that is administered via a single management console. This simplifies endpoint security management and provides operational efficiencies such as one-click software and policy updates, unified and central reporting, and a single licensing and maintenance programme.

What can SMEs do to educate employees on protecting themselves and the company from threats?

The primary risk to businesses of all sizes is the loss of sensitive or confidential information. SMEs should focus on educating employees about current threats, how to handle sensitive information and how to help protect valuable business assets.

What should SMEs be thinking about when implementing a holistic endpoint approach?

When implementing a holistic endpoint protection system, firms should consider an integrated approach that includes endpoint security, systems management, and backup and recovery. By integrating these functions, SMEs can streamline resources and reduce costs associated with disparate endpoint products, while better protecting their information and ensuring its availability when needed.

(Source: VNS)