Innovation is the one constant in the security industry, as both hackers and vendors try to outrace each other. Security vendors have always been trying to find the “silver bullet” technology that was going to provide the best possible protection – antivirus, HIPS, application control, sandboxing.
This first generation of security innovation has been great, and each technology has offered key advantages. But in order to protect against increasing complex attacks, it’s going to require new thinking. Next-generation endpoint protection is a leapfrog step in security if it’s delivered as an integrated system, not a collection of point products.
This past May, Sophos announced Project Galileo to address the long-standing problem of security that fails to meet the needs of today’s businesses. We believe security needs to be comprehensive, simple to manage, and work effectively as a system to provide better protection and an unmatched user experience. People don’t want more data; they want more automation—security that thinks for itself, far faster than humans can.
One of the foundational parts of Project Galileo is what we are doing in Next-Generation Enduser Protection. We call it “Enduser” because we believe security needs to be user-based, not device-based. Users have laptops, desktops, mobile phones and tablets they interact with.
The definition of Enduser also includes the user’s data, which needs to be encrypted because, while our primary objective is prevention of malware, when something malicious does find a vulnerability, the data should be unusable to the hackers.
There seems to be a lot of other companies leveraging the term “next-generation,” so to help clarify, here is what we believe Next-Generation Enduser Protection is and is not.
Next-Generation Enduser Protection is:
- Integration of innovative endpoint, mobile and encryption technologies to deliver better, simple-to-manage security for enduser devices and data
- A comprehensive system of security technologies that communicate with each other to deliver far higher levels of protection
- Real-time malware prevention, compromise detection, remediation, and data encryption
- Investment protection through leveraging and extending existing technologies
Next-Generation Enduser Protection is NOT:
- An individual point product that believes it can replace a security system
- Thousands of logs, alerts, and events that humans have to manually sift through to find correlations and issues weeks and months after they occur
- A dashboard that can display dozens or hundreds of non-integrated technologies
- Networking companies that think perimeter-based security with a supplemental endpoint agent is enough to provide complete enduser protection
- More agents that you have to deploy to your devices
- Limited to a specific type of device or platform
- Focused just on the threat and not on the data that needs to be encrypted and protected
Next-Generation Enduser Protection is where the industry needs to head, and very few companies have the breadth or depth to be able to get there. Check out this blog on Jan 20, 2015 to see what true Next-Generation Enduser Protection looks like.
For more information, contact one of our partners.