At ThinScale technology, we work closely with customers in the contact center industry and have seen some confusion around the various endpoint security solutions available. What can they each do? And more importantly, from a security perspective, what do they not do?
In this article, I’ll take you through each of the major endpoint security solutions and explain what each is intended for and what it is not suitable for.
Why is Endpoint Security so crucial?
Endpoints are the most vulnerable and targeted part of any IT deployment. It is vitally important for company leadership to be aware of the endpoint security solutions that are deployed in their IT environments.
Endpoint security covers a wide spectrum of roles within the IT suite of contact centers. As such, it can be confusing to see a number of solutions (including our own) all featured in the same broad category.
Very few endpoint security solutions are actually a “one size fits all” type of technology. More often, they are focused on one specific aspect of an endpoint environment and perform their specific tasks very well.
However, to fully secure an endpoint environment, multiple solutions are often required.
The Main Types of Endpoint Security Solutions
What are Mobile Device Management (MDM)/Remote Monitoring and Management (RMM) Solutions?
MDM and RMM are central management systems that can remotely deploy applications and settings to PCs, laptops, and mobile phones.
What is it intended to do?
These solutions are intended to control the access to corporate resources on computing and mobile devices through application packages and device settings and provide monitoring systems for each device in an environment.
What can it not do?
An MDM/RMM is unable to fully lock down an endpoint by itself. The functionality of an MDM/RMM tends to vary depending on the company providing it.
When should you consider an MDM/RMM?
An organization should consider an MDM/RMM if it expects employees to use multiple device types for their work, and should normally deploy an MDM/RMM as the management component of an already secured corporate device deployment.
What are Extended Detection and Response (XDR) Solutions?
XDR is software that functions like standard antivirus: it scans programs against a large (often AI-driven) database to determine whether they are safe or not.
What is it intended to do?
An XDR is intended to intercept and halt any suspicious actors on a local machine. The intention is to allow users to access resources freely. The XDR will simply stop any suspicious activity when needed.
What can it not do?
XDRs cannot do much to stop user-initiated risk. An example of this is a user launching a local application (Notepad), manually entering data, and saving it on the local machine. An XDR is also unable to prevent actors it does not recognize as malicious, meaning there is potential for malware to slip through its detection.
When should you consider an XDR?
Organizations that prioritize detailed visibility and analytics from threat vectors should consider an XDR. It is generally recommended that an organization rolls this out alongside an endpoint lockdown solution to ensure full security on the endpoint.
What are Virtual Private Networks (VPN)?
VPNs are local applications that encrypt public network connections, allowing for the sending and receiving of data over non-corporate networks as if they were on-premises.
What is it intended to do?
VPNs are intended to secure the network connection from an endpoint to corporate resources.
What can it not do?
VPNs are not intended to secure the devices themselves. VPNs will not take any action to prevent common malware (keyloggers, screen scrapers) from running in the background on the local machine.
When should you consider a VPN?
Ideally, a VPN should be rolled out as part of any remote working solution, as encrypting the connection to corporate networks is important.
What are Virtual Desktop Infrastructures (VDI)/Desktops as a Service (DaaS)?
VDI/DaaS is the use of a client device to access remote resources (apps & desktops) in a separate space from the local machine.
What is it intended to do?
VDI/DaaS is intended to allow employees to access corporate resources and workspaces from other devices. This allows for easier control, maintenance, and security.
What can it not do?
VDI/DaaS is built to allow access. It is not intended to be used as a standalone security solution. A VDI/DaaS solution can do very little against pre-existing malware or user-initiated risk.
When should you consider a VDI?
A VDI/DaaS Deployment is going to be one of the main ways most organizations provide corporate workspaces. If you are looking to provide controlled access to your resources, a VDI will suit your needs, but it should be rolled out alongside other endpoint security solutions to make up for its gaps in that area.
What are Secure Workspaces?
Secure Workspaces are environments separated from a device’s pre-existing operating system, intended to allow access to virtual applications and local applications from a secured source.
What is it intended to do?
Secure Workspaces are intended to secure the endpoint to access local or virtual environments. The intention is to lock down the device to facilitate secure access to corporate resources. Secure Workspaces (like the solutions provided by ThinScale) will lock down the endpoints themselves and work to prevent any unwanted action from being taken by IT.
What can it not do?
Secure Workspaces only exist on the endpoint and facilitate a secure connection. An organization must have its virtual or local environment set up separately.
When should you consider a Secure Workspace?
A secure workspace will work in almost any scenario. However, if an organization is worried about meeting compliance standards at the endpoint level, which is the weakest link in any IT deployment, it should certainly consider deploying a Secure Workspace solution.
Expert’s Recommendation
The endpoint is one of the most difficult areas to fully protect. In the past number of years, there has been a massive surge in cyber-attacks via endpoint security solutions that were not built for the task or not used in the intended way.
Of course, there are multiple solutions to pick from. However, organizations should prioritize locking down their employees’ workspaces and implementing application and service whitelisting for the most secure endpoint environment.
For a specifically focused endpoint security solution intended to protect employee and customer data from both outside and internal threats, ThinScale has solutions tailor-made for corporate device and BYOD deployments.