| W H I T E P A P E R | | | | remote workers and external users via |
| Addressing Endpoint Security Visibility and | | | | an increasing number and variety of |
| Management | | | | devices. As a result, the convenient |
| Sponsored by: Promisec | | | | separation between trusted insiders and distrusted |
| Dan Yachin | | | | outsiders is no longer reliable. |
| November 2008 | | | | A significant challenge for IT is securely keeping pace |
| I D C O P I N I O N | | | | with the proliferation and use of existing and new |
| Endpoint security plays an increasingly important role in | | | | endpoint devices, including personal digital |
| protecting against external and internal threats and in | | | | assistants (PDAs), iPods, printers, and copiers. |
| addressing regulatory requirements. With more | | | | Many newly introduced IP devices that seek access |
| endpoints being mobile, and thus out of the | | | | to the network are unmanaged or |
| direct control of the enterprise, and as | | | | unmanageable by IT and clearly represent |
| many of today's attacks are targeted at the | | | | added exposure to the network’s overall security |
| endpoint, relevant security is constantly evolving to | | | | posture. |
| address an expanding range of threats. | | | | Enterprise networks have been giving local |
| As endpoint security environments are becoming more | | | | corporate users near-instantaneous access to |
| complex, challenges such as obtaining continuous | | | | internal and external digital information while |
| visibility into all endpoints are becoming | | | | providing secure remote network access for |
| more apparent and prominent, as is tackling | | | | Secure Sockets Layer (SSL)/VPN and wireless |
| complexity issues. Along with the need to reduce the | | | | access points. As the bandwidth, stability, and |
| total cost of ownership of endpoint security | | | | availability of corporate networks increases, |
| management, these concerns are pushing | | | | they also become the conduit for supporting digital |
| organizations to seek alternatives to traditional | | | | voice (VoIP) and video data streams. |
| approaches. | | | | As the proliferation of IP endpoint types continues, |
| The consolidation of security solutions | | | | enterprise IT staffs are recognizing the significant |
| into endpoint security suites, and | | | | increase in security vulnerabilities and threat vectors |
| the 'outsourcing' of endpoint security functionalities to | | | | created by their deployment. At the same time, issues |
| managed security service providers (MSSPs) are | | | | at the forefront for enterprise IT and security |
| examples of this trend. Another emerging | | | | professionals continue to include network availability, |
| option for organizations to address challenges | | | | network performance, network health, internal and |
| related to endpoint security management is clientless | | | | external breach threats, malware, policy enforcement, |
| solutions, which can provide such benefits as | | | | and private and confidential information leakage. |
| reducing support and maintenance costs | | | | Adding to this complex mix of technical |
| and minimizing network overheads and the impact of | | | | challenges, federal, local, and international |
| endpoint performance. | | | | regulations now mandate that |
| ME T H O D O L O G Y | | | | enterprises establish comprehensive |
| IDC has developed this white paper using a | | | | policy enforcement mechanisms, significantly |
| combination of existing market forecasts and direct | | | | raising the risk stakes for |
| in-depth primary research. To gain insight into endpoint | | | | enterprise management and IT. |
| security visibility and management issues | | | | The Rise of the Insider Threat |
| and to learn how Promisec | | | | The realization that most attacks are coming from |
| INNERspace can help organizations | | | | inside the network leads to growing awareness of the |
| address common endpoint security | | | | insider threat, which endpoint security solutions can |
| management challenges, IDC interviewed the | | | | have a key rollin addressing. As an indication of this |
| company team on the issues of | | | | trend, for the first time in the eight years IDC has |
| technology, product offerings, competitive | | | | done its annual security survey, trojans, |
| landscape, and go-to-market strategy. | | | | viruses, and other types of malicious code |
| In This Whitepaper | | | | have been dethroned from the top spot |
| This IDC white paper addresses the need to obtain | | | | of threats to enterprise security. The |
| continuous visibility into corporate endpoints while | | | | exposure of confidential information is now |
| simplifying endpoint security management. It | | | | the single greatest threat to enterprise |
| discusses growing awareness toward the | | | | security. Moreover, insider threats (employees |
| insider threat and the role that endpoint | | | | inadvertently exposing confidential information, |
| security solutions should play in mitigating it while | | | | data stolen by employees or business |
| analyzing common difficulties in effectively dealing with | | | | partners, and insider sabotage) now account |
| the insider threat using traditional endpoint security | | | | for 3 of top 10 threats to enterprise security, as shown |
| approaches. | | | | in Figure 1. |
| Situation Overview | | | | In fact, in addition to the abovementioned |
| Introduction | | | | 'classic' insider threats, even traditional |
| After years of focusing efforts on keeping | | | | external threats such as viruses and other |
| their boundaries safe behind firewalls, | | | | malware, spyware, and hacking can be |
| organizations have to deal with an expanding | | | | considered closely related to insider threats, as many |
| perimeter that blurs their boundaries. With Internet, | | | | of today's attacks are designed to exploit endpoint |
| mobile, and wireless connectivity, corporate internal | | | | vulnerabilities to launch targeted attacks, steal |
| networks become increasingly accessible to | | | | information, etc. |