One Article Review

The article:
Source AlienVault Lab Blog
Identifier 8452746
Publication date 2024-02-20 11:00:00 (seen: 2024-02-20 15:09:09)
Title A fundamental guide to endpoint security
Text Anyone who uses technology in their daily lives understands that it is ever-changing, and the sentiment is especially true within the cybersecurity industry. Adversaries continue to evolve with new tactics to bypass defenses, so it is necessary that the methods of detecting and preventing these threats do so at an even more rapid pace. However, keeping up with all the changes can be quite difficult, even for the most seasoned cybersecurity professional.

The way in which we work has changed not just in where but also in how. Today employees conduct business from multiple devices, with some being company-issued and others being privately owned. Sensitive data is being stored across many locations including on these devices, within corporate data centers, and in the cloud. This means that organizations likely need more than one technology to defend their endpoints against security breaches or data loss. With cybersecurity vendors marketing a wide range of branded product names for their offers, it may be challenging to determine which are ideal for your particular environment.

This article aims to help demystify the various endpoint security technologies you may come across during your research, highlight the primary differences, and explain how they can complement each other. This is not intended to be an exhaustive list and it should be noted that there are some technologies that may fall into more than one category, for example, endpoint and cloud security.

Four key endpoint security technologies

To begin, let’s define exactly what an endpoint is. At the most fundamental level, an endpoint is any device that connects and exchanges data on a network. That could include traditional desktop and laptop computers, tablets, smartphones, printers, and servers.
Endpoints also encompass network appliances like routers, switches, or firewalls, and a wide range of IoT devices such as wearables, security cameras, sensors, and connected medical or manufacturing equipment. But we must also think beyond the physical devices and consider virtual machines that host applications and data in public or private clouds. Although this may seem trivial, it is important to note because they all represent entry points into the network that can be exploited and opportunities for sensitive data loss. As such, they must all be accounted for when building an endpoint security strategy.

The following are some of the more common endpoint security technologies you are likely to encounter:

Unified endpoint management (UEM) or mobile device management (MDM): There is a widely accepted concept within the cybersecurity industry that you cannot effectively protect what you can’t see. Therefore, the first step in building a comprehensive endpoint security policy is to inventory all the devices accessing your network, and this can be accomplished with UEM or MDM technologies. The primary difference between the two is that MDM is for iOS and Android operating systems (OS), while UEM includes those OS plus Windows and Mac operating systems, and in some cases even productivity devices and wearables. Once the devices are discovered and profiled, administrators will be able to apply consistent security policies across them, regardless of where the endpoint is located. A key feature of both UEM and MDM is that they allow an organization to set standards regarding the security posture of devices accessing the network. For example, rules can be created that a device cannot be jailbroken and must be running on the latest O
Sent Yes
Tags Ransomware Malware Tool Vulnerability Threat Mobile Medical Cloud
Stories
Notes ★★
The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.