Endpoint Security for Remote Access

Endpoint security is the branch of security engineering that is concerned with controlling threats associated with the remote computers themselves. Endpoint Security remains one of the weakest links in overall network security. Endpoints include hardware like PCs and laptops. While most VPN tunnels (IPSec, SSL and otherwise) are relatively immune to snooping and data modification, the end computer running the VPN client is often quite insecure, for a variety of reasons. The risk is substantial: there are a wide variety of threats to endpoint security, and due to the distributed nature of the problems, it can be particularly difficult for IT departments to get a handle on the problem. Furthermore, most IT departments are already heavily loaded with other security-related tasks, and have no time left to make sure that employees’ home computers are not vulnerable to attack. Endpoint security therefore often goes overlooked by corporate IT departments. A strategy for managing endpoint security is to check each end-user device before allow them into the corporate network, and notifying end users of security violations that must be correct before entry is allowed. A server hosts the centralized security program, which verifies logins, sends updates and recommends patches when needed. Required elements may include an approved operating system, a firewall, a VPN and anti-virus software with current updates, as well as, any mandatory corporate software. Endpoint security systems scan for unauthorized users, spyware, viruses and keystroke loggers. The program will also scan to ensure the lack of unauthorized software, such as peer-to-peer applications and games. Devices that do not match the predetermined company endpoint security policies are given limited access or quarantined. As both traditional and SSL-based Virtual Private Networks (VPNs) have come into wider use in the marketplace, remote access and particularly endpoint security have become a major issues facing corporate IT departments. Recent legislation, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Sarbanes-Oxley Act of 2002, further raise the level of concern. Much attention should be made by any IT department to ensure that the integrity of the data flowing between remote access clients and corporate networks has been thoroughly screened for endpoint security.