Written By Roark Pollock And Presented By Ziften CEO Charles Leaver
Just a short time ago everybody understood exactly what you meant if you brought up an endpoint. If someone wished to sell you an endpoint security product, you understood what devices that software was going to safeguard. But when I hear somebody casually talk about endpoints today, The Princess Bride’s Inigo Montoya comes to mind: “You keep using that word. I do not think it means exactly what you think it implies.” Today an endpoint could be nearly any kind of device.
In all honesty, endpoints are so diverse these days that people have taken to calling them “things.” According to Gartner at the end of 2016 there were over six billion “things” connected to the web. The consulting firm predicts that this number will shoot up to twenty one billion by the year 2020. The business uses of these things will be both generic (e.g. connected light bulbs and A/C systems) and market specific (e.g. oil rig security tracking). For IT and security teams charged with connecting and securing endpoints, this is only half of the brand-new obstacle, however. The acceptance of virtualization technology has actually redefined exactly what an endpoint is, even in environments in which these groups have traditionally operated.
The last decade has seen a huge modification in the method end users gain access to information. Physical devices continue to become more mobile with lots of information workers now doing most of their computing and interaction on laptops and smart phones. More importantly, everyone is ending up being an information worker. Today, better instrumentation and monitoring has enabled levels of data collection and analysis that can make the insertion of information technology into almost any job profitable.
At the same time, more conventional IT assets, especially servers, are ending up being virtualized to get rid of some of the traditional restrictions in having those assets connected to physical devices.
These 2 trends together will affect security groups in crucial ways. The totality of “endpoints” will include billions of long-lived and unsecure IoT endpoints in addition to billions of virtual endpoint instances that will be scaled up and down as needed in addition to migrated to various physical places on demand.
Enterprises will have very different worries about these 2 general types of endpoints. Over their life times, IoT devices will have to be secured from a host of risks some of which have yet to be dreamed up. Tracking and safeguarding these devices will need advanced detection capabilities. On the positive side, it will be possible to maintain well-defined log data to enable forensic examination.
Virtual endpoints, on the other hand, present their own crucial concerns. The capability to move their physical location makes it a lot more tough to make sure right security policies are always attached to the endpoint. The practice of reimaging virtual endpoints can make forensic investigation tough, as essential data is usually lost when a new image is applied.
So it doesn’t matter what word or words are utilized to explain your endpoints – endpoint, systems, client device, user device, mobile phone, server, virtual device, container, cloud workload, IoT device, and so on – it is important to understand exactly what someone indicates when they use the term endpoint.