Endpoint Security

Protect your network from the threats that enter via endpoints like employee laptops, PDAs, and other end-user devices.

Mark Kadrich is President and CEO of The Security Consortium.

Preface Preface"That was some of the best flying I've seen to date -right up to the part where you got killed."Jester to Maverick in the Movie Top Gun IntroductionI suppose that's the thing that bothers me the most: the fact that we think that we're doing great right up to the moment that the network melts down. Over the years we've seen the number of security tools deployed on our networks increase to the point where we are completely surprised when our computing environments are devastated by some new worm. But how can this happen you ask? How can we be spending so much money to increase our security and still be feeling the pain of the worm de jour? And not just feeling this pain once or twice a year,we're feeling itall the time.To begin to answer this question, all one has to do is pop 'vulnerability' into Google and sit back and wait. My wait took a mere .18 seconds and returned over 69 million hits. Adding the word 'hacker' added an additional .42 seconds but did have the benefit of reducing the pool of hits to a tad over 4.2 million. Over 4 million pieces of information in less then half a second and for free! Now that's value.So, getting back to our problem and looking at the results pretty much sums up our present situation. We're buried under all sorts of vulnerabilities and we're constantly struggling to get on top of the things. The problem of patching vulnerabilities is so big that an entire industry has sprung up just to address the problem. The problem of analyzing and generating patches is so big that Microsoft changed its release policy from an "as needed" to a "patch Tuesdays".What are they really trying to address with the patches? One may think that it's about protecting the endpoint. What we're going to call endpoint security. This is a big topic of discussion. If we go back to Google and type in 'endpoint security' we get a little over 2.5 million hits. We can reduce that stratospheric result by typing in the word 'solution'. Now we're down to a much more manageable 1,480,000 hits.So what's the point? The point is that there are a lot of folks talking about the problem but they're doing it from the perspective of a vendor customer relationship: a relationship that is predicated on them selling you something, a solution, and you paying them for it. The shear motive of profit motivates vendors to produce products that they can sell. Marketing departments are geared toward understanding what people need and how to shape their product in a way that convinces you that they can fill your need. How many times have you gone back to visit a vendor web page only to be surprised that they now address your problem? Look at how many vendors moved from PKI (Public Key Infrastructure) to SSI (Single Sign On) and finally to IM (Identity Management). Why? Because nobody was buying PKI because of the enormous expense so the marketing departments decided to switch names or "repurpose" their product. Now it was about "leveraging their synergies" with the multiple sets of user credentials and promises of vastly simplified user experiences. When that tanked the marketing people invented IM. Yep, that's what I said, they invented IM so they could once again distance themselves from a failed marking ploy and get more people to give them more money. Profit.Ask any CEO what his or her mission is and if they don't reply, "to maximize shareholder value" I'll show you a CEO soon to be looking for a new job. It's all about making sales numbers and generating profit. The more