In the last decade, the cloud has transformed business and made it routine for company employees to access data and applications remotely. People now work from anywhere, not just from their corporate headquarters. They telecommute regularly from hotels, airports or coffee shops - anyplace where they can get a connection (whether secured or not).
At the same time, the proliferation of BYOD has added - literally - billions of devices into the enterprise ecosystem. But as organizations add these unmanaged devices to their networks, IT must address new security considerations, including plans for endpoint security.
Unfortunately, there is a tendency among many security managers to treat breaches on a one-off basis. Their default approach is to apply one point product after another to combat the latest emergency. That may work for putting out brushfires. But when they are suddenly faced with large-scale security incidents, like the WannaCry ransomware outbreak earlier this year, the organization will be totally unprepared to deal with the enormous scope of the attack.
Frankly, enterprises now square off against a cohort of hackers who are more sophisticated and better equipped than ever before to penetrate defenses and inflict losses. If businesses fail to integrate endpoint security as a strategic component of their network architecture, it will only make it that much easier for bad guys to have their way.
SEP 14 to SEP 14.1
In the past, defenders were forced to cobble together separate point products made by different vendors, but these solutions weren’t engineered to work together. With so many endpoints to protect, the challenge could easily prove overwhelming.
We took on that challenge with the introduction of Symantec Endpoint Protection 14 (SEP) one year ago. For the first time, customers could combat cyber threats with an integrated defense platform that would fully orchestrate prevention, detection and response across endpoints, gateways, messaging and the cloud.
How did we fare? The reviews speak for themselves.
Last year, the Economist Group suffered 350 security events, 55 percent of which were malware. But after implementing SEP 14, the company achieved what Vicki Gavin, the company’s head of business continuity, cyber security and data privacy, described as “stunning results.”
After rolling out SEP 14 in the United States and Asia, the company registered a 60% drop in malware events and now expects a further reduction once the rollout in Europe is complete.
More recently, Symantec won a gold award from Gartner for endpoint protection, beating out the likes of McAfee, Trend Micro, Cylance and others.
We did what we said we were going to do and now we are taking the next step, elevating endpoint security to another level to meet the myriad demands of cloud generation endpoint security with the introduction of SEP 14.1.
SEP 14.1 continues in the tradition of its predecessor to redefine endpoint security with lower complexity, bringing together a complete stack for endpoint security.
Not only do our detection and response features help expose, contain and resolve breaches resulting from advanced attacks, but customers don’t need to add separate modules to deploy these sophisticated features.
Deviously Effective Deception
And something entirely unique in the industry: SEP 14.1 adds deception technologies that defenders can use to turn the tables on attackers.
We did this to answer an urgent customer need.
Security teams often lack visibility into attackers’ intent and tactics. By the time companies finally detect an intruder, the damage is often done. (A recent Ponemon Institute report found that the average attacker spends as much as 191 days on a network before being detected.) But with SEP 14.1, organizations are now able to deceive attackers into giving up their locations by leaving fake assets to target. Not only will customers be able to deploy these deceptors at scale but they'll be able to customize them to their particular environments.
The more believable the fake asset, the better chance it has to lure an attacker into interacting with it instead of accessing real resources. The upshot: You'll be better equipped to deceive attackers and trick them into revealing their intent while you improve your overall security posture.
Symantec R&D Spells the Difference
All of these enhancements pay off in the coin of improved protection - something that promises to be a boon to security operations center (SOC) analysts, whose success or failure often depends on reaction times. None of this is trivial. No other endpoint protection vendor offers deception technology. It took an enormous amount of engineering R&D along with years of experience knowing what works and what doesn't when it comes to protecting customers. In fact, Symantec’s R&D depth and 15-plus years of experience in building endpoint security show in our ability to rapidly innovate and bring solutions like deception to market.
But that’s a reflection of Symantec’s particular strengths. When it comes to endpoint security, none of our competitors match up. They’re able to provide, at most, 2 to 3 areas of capability. When it comes to offering a full stack, none are in the same conversation.
Meanwhile, many of the traditional endpoint protection platform vendors have ignored mobile security and modern devices (both iOS and Android). But if customers are going to embrace the cloud, rest assured that mobile security will be a key element. Jim Routh, CSO at Aetna, one of our SEP Mobile customers, noted that "the mobile phone is the best surveillance device in history."
Reducing Cost, Reducing Complexity
We’re reducing complexity/OpEx for our customers with quick time to value. A great example is endpoint detection and response (EDR). Customers can use the single SEP agent to deploy endpoint protection plus EDR, and later extend it with hardening and deception capabilities.
All this reduces costs and allows the resulting savings to flow directly to the bottom line as customers gain from improved overall total cost of ownership. Instead of needing to invest in various security controls that don’t necessarily improve overall endpoint security, customers benefit from complete endpoint protection with a single security stack.
Security is obviously a moving target but I think we’ve hit the bullseye with SEP, a product family that offers the most complete endpoint security in the industry. I’d love to hear your feedback. Give the product a look and let me know what you think.
Learn more about SEP14.1, integrated EDR, and SEP Mobile in our upcoming Webinar.