2 Critical Reasons Why Endpoint Security Isn’t Enough

Cybersecurity is a broad domain that includes protection for many aspects of a business’ technology infrastructure. Defending one area, though, is not effective protection against threats across an organization’s whole environment. For instance, many individuals are familiar with endpoint security, such as anti-virus systems. That familiarity can mislead some into thinking that endpoint security alone is sufficient protection. The reality is that other areas must also be covered—especially network security.

Areas of Cybersecurity
As information systems evolve, security technology must also adapt to address specific concerns or risks. It’s a continuous cycle. As an example, digital rights management (DRM) is designed to solve the problem of maintaining intellectual property protection. But when adversaries find chinks in DRM’s armor, advances in the technology are required. Those advances won’t solve the problem entirely – they just require adversaries to work harder.

The arms race continues not only for DRM, but across all components of modern cybersecurity, including endpoint security – the specialized technology that protects specific devices or hosts from being conduits for network intrusions.

An executive’s laptop is an example of an endpoint, as is a receptionist’s desktop. Endpoints can also be a point-of-sale (PoS) terminal, or a warehouse processing terminal. Types of endpoint security include anti-malware protection, anti-virus scanners, and host-based firewalls. Because the technology is deployed on each endpoint, it is a visible protection that many users are aware of.

Network security is the area of cybersecurity that concentrates on monitoring and protecting an organization’s network against threats. As data is transferred among hosts (or endpoints), it must be inspected to evaluate whether the messages being sent are unusual, suspicious, or overtly malicious.

If an organization only concentrates on endpoint security, though, and does not pay attention to network security, it addresses only part of its overall risk profile. The following two use cases help to illustrate why endpoint security alone is not enough to defend an organization against modern risk – and how network security strengthens that defense:

  1. Bring Your Own Device (BYOD) Threats
    In the modern workplace or home office, organizations are not always in direct control of the full-suite of the equipment or technology connected to their network. A business can enforce policies and protections within its own infrastructure and endpoints, but generally that is not possible on personal devices. It is also a significant challenge to identify the presence of BYOD devices.
    Network security allows for an inspection of the traffic that flows through the network, regardless of whether that traffic is coming from a known or unknown device. If a staff member or guest connects a personal mobile phone to the company network, that device operates on the network without any endpoint protection or policies. But the network traffic generated by that device will be inspected by the network security in the same way it inspects traffic generated by any corporate-owned equipment, and any suspicious activity will be noted.
  2. Insider Threats
    The implementation of endpoint security requires collaboration with users. Sometimes, though, users do not cooperate, or, for convenience, may bypass those protections. While their intent may not be malicious, disabling security controls to carry out an expected business function can expose a device to security threats, which ultimately can lead to network intrusions.
    In some cases, of course, these device-level protections could be evaded intentionally. For example, a user who is an insider threat might connect a corporate-owned device onto an unsecured network, such as at a coffee shop, plug in an unsecured USB drive, or use unauthorized software or applications (Shadow IT). While these actions may help the user be productive, they potentially could expose the user’s device to unwanted intrusions. The organization’s network security, though, still monitors traffic from the user’s device and the unprotected environments for any unusual activity – and can prevent violations of security policies.

BYOD and insider threats are two impactful reasons why endpoint security is not enough to provide the necessary strong protection from modern security threats. Network security serves as an effective additional layer of defense for both use cases.

A network security solution can be implemented in-house, but does require skilled resources and budget to support its operation and ongoing maintenance and technology upgrades. Outsourcing can be an effective and simpler alternative. A managed network security service provides affordable, on-demand access to powerful technology and the expert resources needed to monitor network traffic continuously, 24x7x365.

In either case, combining endpoint security with network security is an effective way to mitigate risk in your environment –and will give you peace-of-mind that your network is protected in the modern – and constantly evolving – cyber landscape.

Visit our solutions page to see our full set of managed services that will strengthen your security posture.