Let’s say you’ve got teams working remotely, but you want them to be able to securely access your company network without compromising any corporate intel. Or maybe you just want to make sure that your users aren’t leaking important secrets, or worse, having them stolen by rogue software that’s been carelessly installed onto your managed system. If any of this sounds like your situation, then it’s time you started dipping into the wide realm of endpoint security vendors and the endpoint protection software solutions they offer.
Like any software purchase, it isn’t easy to decide what vendor to go with. There’s a nearly limitless number of considerations and features out there for you to pick from, and that’s not even counting the services you want or need from your business.
Endpoint software systems are much the same as other software systems, and in order to navigate the world of endpoint security vendors, we’ve put together this helpful guide and a few tools, like our requirement template, to make the process a little less painful.
Table of Contents for This Article
- Basic Requirements for Endpoint Software Systems
- Establish a Set of Needs Versus Wants
- Questions to Ask During Demos
- Creating a Requirements List and Shortlist
- Establish Endpoint Security Vendor Repertoire
Basic Requirements for Endpoint Software Systems
When you get a look at the wide world of endpoint security software vendors, there’s a lot to take in, and there’s always a lot more coming down the pipe. Luckily, with almost all endpoint security solutions, there’s a core set of features that are included from almost every vendor, and some that are essential.
When you’re picking your endpoint solution, just make sure you’ve got your requirements down, and that your vendor includes the four basic functionalities of endpoint security, which we’ve pulled from our endpoint buyer’s guide.
1. System administration portals
Imagine a software component that lets you manage the devices that are running your endpoint software system. Think of your system admin portal as your command center for your endpoint solution. This software feature will allow you to see who is using what device, on top of other features like policy management, which go the extra mile when it comes to administration. From your sysadmin portal, you can configure security in bulk for members of your business. Features such as remote configuration significantly cut down on the amount of time you’d have to spend doing them manually.
2. Policy management
With policy management, you set the standards for security across all of the devices connected to your endpoint security software. This powerful tool lets you not only establish a baseline for security but also lets you establish user hierarchies. For example, you can have some users who are privileged with access to certain remote network drives, and some who aren’t. Additionally, policy management features allow you to set up override policies, meaning you can give select access to certain directories as your business needs demand them. The access-configuration options are nearly limitless.
3. Patch Management
Patches are deeply important in endpoint software systems. They fix everything from meager, annoying bugs, to critical vulnerabilities that might compromise your business data. Patch management is a feature that’s almost as crucial as the patches themselves.
When patches become available from software vendors, there’s a chance the vendors might not detail everything that gets patched — bugs, glitches and all — this is to prevent hackers from taking advantage of unpatched systems. Since they know from the patch notes what to exploit, their job becomes that much easier.
But the power of patch management comes into play when sysadmins are deploying patches to company-wide networks. Management features allow admins to schedule how and when said fixes are deployed, such as during non-business hours. No sense in risking any downtime when you can avoid it.
4. Threat Detection
Threat detection is one of the most basic features of endpoint security systems. It’s not unlikely for malware to bring down your company infrastructure. Malicious programs like ransomware are encrypting systems without permission and demanding high payouts. And according to darkreading.com, a security blog, the average ransomware attack lasts 7.3 days and costs $64,645 per incident. So in 2019, it’s still possible that malware and viruses pose threats to your business.
Hence why threat detection remains a primary feature for any half-decent endpoint security software. There’s a common saying that goes, “We are only as strong as our weakest link,” and, not to insult any of your employees, but your users are likely always going to be the weakest link (or in IT terms, the primary attack vector).
Establish a Set of Needs Versus Wants
At SelectHub, we have a bit of a saying that adorns our walls in royal purple ink: It reads “Your business has unique needs!” And that’s not just a helpful reminder written for our short, short memories. That’s a code we live by and extrapolate on every opportunity we can.
So yes, your business does have unique needs, and it’s tremendously important that you sit down with your managers and decision makers, and you hash out a list of what you need from your endpoint security vendor, and what you want. Don’t forget to include the IT folks in on this critical conversation. We highlighted a list of basic features above, but only you can decide for yourself what you really need and what features you really want.
We’ve put together a helpful requirements template (below) to make that process a bit easier on your business. Click the link to get our helpful requirements guide, and start writing down that essentials list.
Questions to Ask During Demos
Demos are an important part of the software selection process, as they give you the chance to evaluate the software before you buy. You should prepare a list of pointed questions in order to better understand the extent and scope of the endpoint software system. If you’re struggling to come up with a list of questions, we have a few prepared for you:
- What device(s) will be protected by the system? Servers? Workstations?
- What level of threat visibility will the system provide?
- What is the knowledge level required to understand and run the system?
- What threats does your system protect against?
Creating a Requirements List and Shortlist for Endpoint Security Vendors
Because of the sheer volume of endpoint security companies, it’s absolutely essential that you get a solid requirements list down for your business. It’d be an understatement to say that requirements are going to be your defining factor in your software selection choice.
Let’s be honest here. You’re probably going to be overwhelmed by the amount of choice there is in the endpoint security software space. We’ve got a curated list of nearly 40 products for you to pick from, but for this part, we’d recommend combing through our comparison report and then picking out maybe three to five vendors that catch your eye to create your shortlist.
Compare Endpoint Security Vendors
Like we mentioned earlier, comparing solutions needs to be part of your decision process. When you’re comparing solutions, make sure you check in with the following key stakeholders so that you can eliminate some vendors right-off-the-bat:
- Mid-level managers
- IT staff
- IT managers
The last two on the list will be your most important players, as they’re going to be the ones who deploy the software and then manage it. And because endpoint software systems are so tightly intertwined with IT, you need to absolutely ensure you’ve got software that can integrate into your business’s architecture.
Establish Endpoint Security Vendor Repertoire
There’s plenty of endpoint security solutions providers out there to pick from. Our curated list has taken care of the analysis for you if you choose to go that route. But after you’ve done all the technical work in finding the right endpoint security software, you should consider doing research into the vendor’s reputation.
For example, Carbon Black Enterprise Protection is a well-regarded piece of software that’s won numerous awards, but it might not be right for your business.
It helps to look for customer testimonials that aren’t provided by the vendor. The value in this is you can see real-world use-cases for the software you’ve picked out. Maybe on paper, it responds well to ransomware attacks, but according to John Doe from MegaCorp, their whole week was ruined by a ransomware attack that X software solution couldn’t stop. These are the kinds of things you shouldn’t ignore when looking into a vendor’s reputation.
Seeing how endpoint security systems behave in a live, high-stakes environment is crucial to picking the right software. We also recommend finding users who are happy to laud the vendor for their achievements and will speak candidly and openly. Hearing raw, honest feedback from experienced professionals is where you’re going to get the most valuable information from.
And finally, vendor awards and accolades should be taken into consideration. The truth is, vendors don’t win awards for nothing, so there is some value in selecting a vendor that’s received their fair share of awards. Again, Carbon Black is a leader in the endpoint security system field, with a bevy of awards to back up their claims.
Final Words on Endpoint Security Vendors
Picking the right endpoint security vendor can be tricky when there are a million tiny moving parts you have to account for. There’s your deployment options, your coverage needs, your pre-existing system architecture and so much more. But picking a vendor is an essential part of the process, and takes care of a lot of the leg-work involved in selecting your software. Remember: It’s not always about what the software can do, but if the software is right for you.
Leave a comment below telling us your tips for endpoint security vendor selection!