Endpoint: The Start Point of Cyber Security

Enhancing Cyber Security through advanced Endpoint Security

Diwan Hauym Khan, Scientist-F, dhkhan@nic.in
Kirshna Kumar, Scientist-B, kirshna.kumar98@nic.in

Organizations of all types and sizes, such as healthcare, finance and defense, are at risk from the increased volume of organized cybercrime. Being the interface where human beings, who are the weakest link in cyber security, normally interact, these devices are the main targets of malicious actors. Endpoint security has evolved from traditional antivirus solutions into an advanced technology that provides faster and more comprehensive protection from sophisticated malware and modern zero-day attacks.

In the realm of cyber security, the term endpoint refers to connected devices on a network such as desktops, laptops, servers, mobile and IoT devices. Endpoints are the interface where human beings, who are the weakest link in cyber security, normally interact. Endpoint security is therefore one of the prominent components of cyber security. It involves securing the data associated with endpoints from exploitation by threat actors through management of vulnerabilities and patching of software.

Need of endpoint security

Endpoint security is considered crucial for cybersecurity for a variety of reasons. The number and variety of endpoints are increasing day by day. With the introduction of remote work culture and advancement in BYOD policies, perimeter security is becoming insufficient to prevent all kinds of malicious activities. The threat landscape is becoming complex due to the increased capability of hackers to introduce new ways of accessing digital assets and manipulating information. Data being the most prominent asset for an organization in today's environment, the organization can be put at risk of insolvency through illegal access to and theft of that data.

Endpoint Security Architecture

The figure illustrates the architecture of a typical endpoint security solution. The prime component in this deployment is the Central Endpoint Server, which receives the security updates from the Endpoint Update Server and also functions as a centralized manager. The central server further distributes the updates among a set of Endpoint Servers to which the on-premise client systems are connected. Endpoints such as laptops and mobile devices that are outside the organization's intranet are connected to the Endpoint Servers through an Edge Relay Server. The Endpoint Server provides advanced threat protection techniques combined with detection and response through the agent installed in clients. It responds to attacks in real time and provides immediate and effective protection against zero-day attacks. A web-based central monitoring console is also provided to give the administrator better visibility in managing the endpoint clients.

Evolution of endpoint security

The business of endpoint security started in the late 1980s with the introduction of the antivirus solution, a signature-based malware recognition system. With the increased popularity of e-commerce and the internet, detection of malicious activities has become more complex and can no longer rely on signatures. Traditional endpoint solutions have become incapable of handling sophisticated and emerging threats like file-less malware and zero-day attacks. Therefore, advancement is required in endpoint security solutions, with the proposition of a more integrated, multistage defense system to outsmart the attackers. Advanced endpoint security requires detection and correction of hidden threats in seconds, in place of months. This is possible only with the automation of sharing threat intelligence among connected components for detection and correction of threats while teaming up of humans

28 informatics.nic.in October 2021