Stop thinking ‘antivirus’ – start thinking ‘endpoint security’

Most small businesses are still relying on antivirus software as their only line of defence against cyberattacks. Nearly nine in ten businesses do not feel prepared to deal with a security issue, yet around 40% of attacks were thought to have targeted small businesses last year.

With the growth of the Internet of Things (IoT) comes more and more unprotected devices connected to a network. Small businesses have a clear choice now between traditional antivirus software and endpoint security – a newer, broader approach. Your decision will probably be influenced by the size of your network, how much you use remote working, any ‘bring your own device’ (BYOD) policies, and the kind of security features you need.

It might not sound straightforward, but get the choice wrong and your business could be open to the latest security threats, lose a chunk of your budget on solutions, or both.

What is endpoint protection?

Endpoint security is an approach to detecting suspect network activity and protecting endpoints, including servers, desktops and mobile devices from malware and other direct cyberattacks. Why ‘endpoint’? Every device connected to a network is seen as a point of entry for any threats. Endpoint protection therefore involves centrally managing your network ‘endpoints’, authenticating logins from new endpoints, and enabling remote software updates and patches across devices.

Unlike antivirus products, endpoint security is aimed at business users – particularly firms where remote working, connect from home and bring your own device policies mean more endpoints are connected to a network than ever before. Endpoint solutions usually involve a suite of applications, including antivirus, firewalls, intrusion detection, remote monitoring and anti-malware tools.

It offers:

Endpoint detection and response – finding new vulnerabilities, and prioritising a solution
Anti-malware and data protection – which may include firewall, DLP, and device and port control
Alerts and reports – generating prioritised warnings about emerging vulnerabilities on your network
Incident response – centralised and automated response tools to coordinate workflows when an incident is uncovered, including things like blacklisting and sandboxing to contain malware.

What's antivirus?

Antivirus software is built to identify and remove malware – any piece of malicious code found on a device. Malware includes viruses, trojans, keyloggers, ransomware and worms. They’re usually installed on individual devices, running in the background, scanning regularly for malicious patterns. Antivirus software updates – the pop-ups you probably see all the time – are the easiest way to make sure your antivirus is looking for the latest attacks, so it relies on users downloading updates as quickly as possible.

For small businesses, endpoint protection allows you to adapt your security practices to an expanding network of devices, helping to keep your business flexible but protected. By offering remote identification and a fast response when an incident happens, it also helps SMEs manage costs. And there’s less risk of human behaviour creating a chink in your armour. Unlike antivirus software, endpoint protection doesn’t rely on individual users enabling regular updates.

We’re London’s small business IT security experts, with nearly 20 years’ experience advising SMEs of all shapes and sizes how to manage the latest risks.