Unified Endpoint Management

FREQUENTLY ASKED QUESTIONS

What is an Endpoint?

An endpoint is any device that connects to an organization’s network. The device may be connected within the organization’s firewall or outside of it. Endpoint examples include:

• Point-of-sale (POS) systems
• Laptop and desktop computers
• Mobile devices including phones and tablets
• IoT devices
• Switches
• Printers

What is Endpoint Management?

Endpoint management is the practice of ensuring devices are configured correctly, protected with necessary security controls, and aligned with IT and security policies.

For endpoint management to be successful, it’s fundamental to have an accurate and up-to-date inventory of all IT assets.

Why is Endpoint Management important?

An increasing number of endpoints connecting to an organization’s network from outside of a firewall (e.g. POS, remote employees) has made the security perimeter more fluid and dynamic. These endpoints further increase an organization’s cyber attack surface. By managing and increasing the security of each endpoint, IT departments can lower the risk of a cyber attack.

What is Endpoint Security?

Endpoint security is the set of cybersecurity practices and tools designed to protect an enterprise’s endpoints from cyber attacks. An endpoint is any device that connects to a company’s network from outside its firewall, such as employee laptops or mobile devices, printers, or Internet of Things devices.  

This is made especially challenging due to BYOD (bring your own device) policies and remote work situations, where security teams have less visibility and less control over endpoints accessing the network. That’s why enterprises that have a large amount of cyber risk exposure from endpoints may consider investing in a broader endpoint protection solution.

What Does Endpoint Security Include?

Most basic endpoint security plans include managed antivirus and patch management requirements for end users. More robust endpoint security programs include threat hunting, vulnerability scanning, device management, data leak protection, and so on. 

Endpoint detection and response (EDR) is an example of a system used for endpoint security, where a system analyzes endpoint connections for typical or expected behavior, and terminates connections for those who act in an unusual way. EDR tools often use machine learning to identify user patterns. 

Many of these organizations deploy cloud-based tools to support this wider variety of processes.

What is Endpoint Protection?

Endpoint protection is the process of ensuring that all devices and user interfaces are protected from cyber attacks. While the field of endpoint security is concerned with the security of individual devices and user interfaces that access the network from outside the firewall, an endpoint protection platform (EPP) is used to do this on a larger scale.

Conference centers, college campuses, or large enterprises are examples of the kinds of businesses that have hundreds or thousands of devices accessing their networks from outside the firewall — each one representing a risk for cyber exposure. 

Because these security teams don’t always have the means to require device users to run antivirus programs or authentication protocols, the EPP isolates particular areas from one another to prevent a data breach. Ongoing automated threat detection, vulnerability scanning, and Endpoint Detection and Response (EDR) are all part of an EPP solution. 

Most EPPs are cloud-based or cloud-managed because they rely upon the processing power, speed, and AI capabilities of the cloud. They’re able to then respond to unusual activity in real time, cutting off access to any endpoint that’s demonstrating unusual or threatening behavior.

RESOURCES