Issue link: http://dc.ubm-us.com/i/361553
darkreading.com Previous Next Previous Next Download Download Register Register Subscribe Subscribe Previous Next Previous Next August 2014 2 darkreading.com Previous Next Previous Next Download Download Register Register Subscribe Subscribe Previous Next Previous Next DOWNLOAD PDF Today's endpoint strategies need to center on protecting the user, not the device. Here's how to put people first. F or most of the past decade, endpoint security meant installing antivirus software on all employee computers, and sometimes adding full-fledged security suites with firewalls, intru- sion prevention, and web filtering. But today's users have taken their computing far past the desktop PC, adding smartphones, tablets, and other devices to their daily arsenal. "We are still flailing, trying to make the focus on devices. It's not going to work," says Geoff Webb, director of solution strategy at security company NetIQ. Instead of defining security policies and procedures based on devices, companies need to consider what employees are do- ing and how they work. They must identify what controls are necessary, and then imple- ment security policies, requirements, and technologies that apply to the user regard- less of location or the device used, and then enforce those rules consistently throughout the enterprise. "You can't do device policy until you know the business and user requirements," says Da- vid Dalva, a VP with Stroz Friedberg, a security consulting firm. One way to consider this approach is as follows: The organization sets a general se- curity policy to adopt two-factor authen- tication. IT evaluates the security require- ments of its users and determines which technologies would be appropriate, such as one-time passwords generated by hard or soft tokens, fingerprint scanners, or any of the other available authentication methods. After selecting the technology, IT can then consider each device platform's differences and limitations and deploy accordingly. Devices Not Important Anymore The device — its form-factor and underlying platform — has traditionally been the source for how companies approach endpoint secu- rity, perimeter defense, physical and network security, as well as device management. But it's a flawed strategy, says Webb. Securing the endpoints, one at a time, "was a failing proposition five years ago, two years ago, and today," he says. And there is "no chance" the continued focus on devices will work in the future as the number of devices people use keeps rising. There are many types of endpoints in the By Fahmida Y. Rashid @zdFYRashid User-Focused Security Previous Next Register Register Previous Next Previous Next Tech's Cutting Edge Interop New York is the premier event for the Northeast IT mar- ket. Join more than 5,000 attend- ees to learn about IT leadership, cloud, collaboration, infrastruc- ture, mobility, risk management, and SDN, and explore 125 ex- hibitors' offerings. Register with Discount Code MPIWK to save $200 off Total Access and Confer- ence Passes. It happens Sept. 29 to Oct. 3.