Understanding Your Company’s Endpoint Security Requirements
- To determine your endpoint-security requirements, you must first understand your environment’s unique characteristics.
- Threat modeling, threat actor simulations, and metrics may also indicate whether there is a need for increased endpoint security.
“There are certainly metrics that one can use to detect whether the endpoint is the root cause or is involved in some way.”
According to Paul Heffernan, when trying to determine whether there is a need for increased focus on endpoint security, a security organization should first make sure it has a solid understanding of its environment. “Do you have a good handle on how your users use data inside the organization?” he asks. “Are you predominantly field based? Are you using company-provided devices? Are they all in one location?” The answers to all of these questions will determine what kind of endpoint-security solution is needed for the company. They will also influence how the endpoints must be protected.