An endpoint is any computing device that can be connected to a network, and subsequently used to communicate with that network. The most well-known types of endpoints are laptops and desktops, used by individuals to connect to work or home networks, or the internet. However, endpoints can also include other types of devices, such as:
- Mobile Phones & Smartphones
- Tablets
- Servers
- IoT (Internet of Things) devices
- Printers
What is not an Endpoint?
Any physical or virtual devices that form part of the network would typically not be considered an endpoint; in in other words, devices that allow endpoints to talk to each other. This would include devices such as:
- Firewalls
- Routers
- Switches
- Wireless Access Points
Why is Endpoint Security so important?
All non-endpoint devices have very well-defined roles in the network and as a result can be configured to perform those roles securely. For example, a firewall exists to determine what types of traffic and services can enter and leave the network. Endpoints must provide the user with a multitude of features and functionality to allow the user to perform their required activities; they must connect to different networks and run various programs and applications. Due to their need to be flexible, securing these devices becomes incredibly important, to prevent malicious users from abusing the flexibility of the devices to attack the user, the endpoint, or the network. In addition to this, the variety of endpoints means that there is no “one size fits all” approach to endpoint security – not only do you have different types such as those listed above, within each type there are many different makes, models, operating systems, and installed software to consider.
The final part of the endpoint security picture is the end users – direct attacks against users are increasingly popular, and although cyber training is a key part of security, endpoints should also work to prevent successful attacks against users from progressing beyond the endpoint itself.
What is Endpoint Management?
Management of endpoints is a key part of any cyber security strategy, and there are several different approaches to achieving this, ranging from simple asset registers that allow you to keep a centralised view on what different endpoints you have within your organisation, up to complete Endpoint Protection Platforms (EPP) that install agents on all endpoints that continually report back on the status of the device, monitoring, detecting and containing any threats.