September 20, 2017

Endpoint Data Protection Minimizes Malware Impact

Mobile devices have eliminated the once clear perimeter for securing your organization, making every endpoint device a threat vector and increasing the risk to the data that resides on them.

In an era where ransomware can gain a foothold through a smart coffee machine, endpoint data protection is more critical than ever.

Everyday, reports of new malware and ransomware that threaten consumer and corporate data illustrate how IT security is no longer about securing a perimeter to keep threats out and critical business information in. Bring-Your-Own-Device (BYOD) is here to stay, and there is no perimeter, which means every endpoint device is a threat vector and their data at risk.

Malware that hijacks specific apps or leverages an entire operating system are not the only threats to endpoint data. Employer turnover, lost or stolen devices, and unsanctioned cloud and data sharing services all put data at risk, making endpoint data protection just as critical as server backup. However, there are key differences that must be considered when deploying an endpoint data protection solution:

  • Networks and Connectivity: Server backups generally take place across a corporate LAN or across dedicated pipes connecting branch offices, but endpoint data protection must be able to leverage a variety of networks, including LAN, WAN, Wi-Fi and 3G / LTE; some networks are public and some private.
  • Mobility: Endpoint data protection has become more critical because of an increasingly mobile workforce, which needs a backup solution that can roam as seamlessly from one network to another as they do.
  • Diversity: Many employees now have more than one device, including laptops, tablets and smartphones, so any endpoint data protection solution must work across a wide array of devices and operating systems. It must also scale far beyond what IT is
  • End-User Experience: No one likes losing use of their device when they’re on a deadline due to system updates, and the same goes for endpoint data protection. Just as server backups should be set up to avoid creating any performance degradation during key business hours, backing up an endpoint should not have a negative impact on the actual device, such as taking up network bandwidth when the user needs it.
  • Unstructured Data: Server backup solutions generally focus on structured data, such as backing up a specific database or application, and tends to be batch or job oriented. Endpoint data protection must consider unstructured data such as documents and files, and be continuous.

Ultimately, endpoint data protection is fundamentally different from server backup, but increasingly just as critical and cannot be treated as just a tactical activity by IT. Instead, they need to look for an endpoint data protection solution that enables them to centrally manage and safeguard user data.

A robust and effective endpoint data protection solution should leverage the cloud, including public cloud services, as part of a broader disaster recovery plan, and recognize that mission critical data now resides on multiple devices, including laptops, tablets and smartphones. It should also include encryption and global deduplication to ensure both security and efficiency.

Specific features you should look for in an endpoint data protection solution include:

  • High performance as all processing is moved to the edge devices
  • Storage efficiency as global client-side deduplication only moves unique data to vault
  • Security and privacy as all data, including metadata, is AES 256-bit encrypted

Given the malware and ransomware that is targeting endpoints, particularly mobile devices that are a gateway to an organization’s broader IT infrastructure, comprehensive endpoint data protection as part a secure cloud backup strategy and disaster recovery plan is not a luxury, it’s a must have.

It’s not a question of if an endpoint will be compromised, it’s when. Your endpoint data protection means the difference between just a lost device and losing mission critical business information.