Enterprise Strategy Group | Getting to the bigger truth.TM

Posts Tagged ‘Droid’

It’s Time To Re-Examine Endpoint Security

Wednesday, February 2nd, 2011

Back in 2007, ESG asked 206 IT security professionals to respond to the following statement: “Desktop security has become a commodity market with little difference between products.” As expected, 58% of respondents either strongly agreed (17%) or agreed (41%) with this statement. In other words, it really didn’t matter whether you ran Internet security tools from Kaspersky, McAfee, Microsoft, Sophos, Symantec, or Trend Micro; all would be equally effective.

ESG hasn’t re-visited this question since, but many anecdotal conversations with IT security professionals lead me to believe that nothing has changed. If anything, more people believe that endpoint security tools are a commodity today than four years ago.

In my opinion, this perception is not only wrong, it could also be dangerous. Why? For one thing, threat vectors have changed. The main threat vector today is the web and the primary target is the browser. In addition, traditional antivirus signatures have been joined by other defense-in-depth safeguards, like behavior-based heuristics and cloud services, to protect endpoints. Finally, there are the endpoints themselves. In 2007, the term “endpoint” really meant a Windows PC. Now it could mean a Mac, iPad, or some type of mobile device like a Blackberry, Droid, or iPhone.

Given these changes, CISOs should really take a hard look at their endpoint security tools before signing off on a new subscription. During this assessment, examine endpoint security tools in terms of:

  1. Security protection. This is far and away the most important thing you are buying, so prioritize the product’s efficacy over price, manageability, integration capabilities, etc. Endpoint security products should offer defense-in-depth capabilities for all types of threats. Progressive vendors are also using intelligence gathered from their install base and security intelligence to offer much more proactive protection. If your vendor is NOT doing this, there is a problem. Note that I’m somewhat surprised endpoint security vendors haven’t really bundled disk encryption with antivirus and firewalls, but that’s another story.
  2. Integration. Endpoint security tools should easily interoperate with network security (i.e., NAC/NAP/identity-based networking, SIEM), and endpoint management tools (i.e., patch management, vulnerability management, asset/inventory management). Other endpoint tools like disk encryption, eRM, and DLP also should fit here. This will help you keep endpoint configurations up to date, monitor behavior, and enforce security policies.
  3. Management. Endpoint security tools should have their own management consoles for command-and-control. And it may not be a requirement, but I believe that central management of all types of endpoint devices will become the default configuration over time.

The main point here is that far from commodity products, the endpoint security tools used could mean the difference between business-as-usual or a costly security breach. Choose wisely.

Enterprises Want Broad Functionality for Mobile Device Security

Monday, November 1st, 2010

Now that we all have an assortment of iPhones, Droids, tablet devices, and Windows devices, lots of industry folks believe that mobile security is the next hot market.  There are a number of players already in this market from pure plays like Good Security and Mobile Active Defense.  Traditional endpoint security vendors like McAfee see this as an extension of its antivirus business.  Symantec is in the same boat with antivirus as well as encryption software from PGP.  Networking vendors also see up-side in the mobile device security market.  Cisco has AnyConnect and ScanSafe while Juniper Networks wants to combine its Pulse client with its recent acquisition of SMobile.

These vendors come at mobile security from many different angles with different security functionality in different places–some on the device and some on the network.  Will this confuse the market?  No.  Enterprises are actually looking for a wide range of mobile device security functionality.  According to an ESG Research survey of 174 security professionals working at enterprise (i.e., more than 1,000 employees) organizations, the top three most important mobile device features are 1) device encryption, 2) device firewall, and 3) strong authentication.  They also want things like DLP, VPN, and device locking.

Beyond security functionality, most enterprises also want an integrated platform for mobile device security and management.  In other words, they want a single software package for device provisioning, configuration, reporting, etc.  They also want a common set of features for all mobile devices rather than a potpourri of different features for iPhone, Windows 7, Droid, Palm, etc.

It appears then that the mobile device security market will include networking, security, and management vendors along with device manufacturers and carriers as well.  Personally, I think mobile device security will have a network architecture look to it, with technology safeguards built into devices, the enterprise, and the cloud.  If this happens, integration will be critical for all leading products.

Search
© 2011 Enterprise Strategy Group, Milford, MA 01757 Main: Fax:

Switch to our mobile site