Every enterprise is now a digital enterprise, and therefore every business must contend with cyberattacks – a lot of cyberattacks! Johnson & Johnson reportedly experiences 15.5 billion cybersecurity incidents every day. The problem of escalating cyberthreats isn’t limited to large multi-national conglomerates, and even small businesses suffer cyberattacks that have a severe impact on their operations. The costs and consequences of a cyberattack also keep increasing and expanding.
The solution to escalating cyberattacks is obvious: the organisation must protect its operations with enterprise endpoint protection – but which one? With so many vendors and confusing terminology, choosing the right solution can be a challenge. This blog will help decision makers understand endpoint protection, frame their critical requirements, and choose the right endpoint protection for their enterprise.
What is Endpoint Protection?
Endpoint protection can be explained as antivirus for businesses, but it involves a lot more than just antivirus. Endpoint protection may offer features that are required only by businesses, such as supporting location-based (in-office/out-of-office) firewall rules; and will offer tools to manage cybersecurity across the enterprise, such as blocking access to a website for all computers or allowing thumb drives to be used on only one device in a different facility for a short period of time. Such management in turn requires scalability as the solution should accommodate an increase in the number of connected devices as the business expands.
What Factors Should A Business Consider When Shortlisting Endpoint Protection?
We have worked with many organisations over the last three decades, observed their operations and constraints, and identified critical factors that businesses should consider, and the questions they should ask, when shortlisting endpoint protection solutions. We also discuss, below each factor, how K7 Endpoint Security (K7 EPS) addresses each requirement.
1. Quality of Protection
- Has the solution’s protection been verified by knowledgeable external agencies?
- What awards has the solution received?
- Does the solution vendor operate a malware research centre to quickly identify new threats?
The quality of K7’s protection has been frequently confirmed by international testing agencies. K7’s solutions have won many awards from AV-Comparatives (Austria), AV-TEST (Germany) and Virus Bulletin (United Kingdom).
K7 operates the K7 Threat Labs which analyses hundreds of thousands of threat samples every day and distributes multiple malware definition updates every day to protect K7 customers against the latest threats; has been the first discoverer of several malware; and has received the Real Time Threat List Contributor of the Year award from the Anti-Malware Testing Standards Organization (AMTSO).
2. Ransomware Protection
- Does the cybersecurity solution protect against ransomware?
- How does the solution handle obfuscated ransomware?
- Will the ransomware protection stop legitimate encryption?
K7 EPS includes extensive ransomware protection. K7 was one of the first cybersecurity companies in the world to develop anti-ransomware technology and we shared the methodology with other cybersecurity developers to help protect the world against ransomware.
K7’s anti-ransomware uses signature-based detection to stop known ransomware and behaviour-based detection to identify and block unknown and obfuscated ransomware, and incorporates the ability to distinguish legitimate encryption from malicious encryption. Read our whitepaper to learn more about our ransomware protection.
3. Upgrade Investment
- Beyond the invoice cost of the endpoint protection solution, will additional investment in hardware, software, or bandwidth be required?
K7 EPS includes a proprietary high-performance web server that can be installed on any machine in the enterprise network, and does not require any additional investment in server software or hardware. K7’s lean updates do not choke the network and avoid the need for bandwidth upgrade.
4. Operating Speed
- What impact does the endpoint protection have on device performance?
- Will productivity be affected because the solution slows down computers?
K7 was ranked World #1 in the Performance Test conducted by AV-Comparatives, proving that K7’s solutions have the least impact on device performance. The extremely low resource consumption of K7’s solutions ensure that computers do not slow down due to cybersecurity, and productivity is not affected; the useful life of business computers is also extended as older devices can continue to be used, delaying the need to replace computers.
5. Deployment Speed
- How quickly and easily can the solution be deployed across all enterprise endpoints?
- Will special skills or additional manpower be required to deploy the solution?
K7 EPS supports rapid rollout across the enterprise by including features that accelerate deployment:
- Single, combined console and web server installation with no integration concerns
- Single installation package for both 32-bit and 64-bit OS
- Installation can be pushed from local K7 EPS server to endpoints with support for Active Directory, Workgroup, IP range-based installations. Setup file can also be copied on USB drive or sent via email link for manual installation
- Customised installation that allows the required group/policy to be automatically applied when installed
The K7 installation process is very simple and no special skills or additional manpower are required for deployment.
6. Deployment Options
- Can the solution provide an option to be deployed from the cloud, or can the solution only be deployed on-premises?
- If on-premises, where should the console be deployed within the network?
K7 EPS supports both cloud and on-premises deployment options. The on-premises option allows the console to be installed on any machine in the network, endpoint or server.
7. Suitability for Remote Locations
- Can the solution be deployed to branches in remote locations?
- Will the solution choke the bandwidth available at that location?
Enterprises that have branches in remote locations will not find it challenging to deploy K7 EPS on the devices at the remote branches as K7’s solution is easy to install and will not require special configuration or troubleshooting.
K7 EPS has successfully protected facilities, without choking the network, in remote locations where only 24 kbps of connectivity has been available.
8. G Suite Support
- Does the solution provide an easy way to manage cybersecurity in organisations that use G Suite/Google Workspace, enabling simplified blocking of personal Gmail accounts?
K7 EPS provides built-in domain-based segmentation for G Suite that delivers quick, simple, and reliable segmentation of enterprise G Suite and blocks access to other Google accounts including personal Gmail accounts and G Suite accounts that are linked to other domains.
9. Platform Support
- Does the solution provide protection for legacy devices that run versions of Windows that are no longer supported by Microsoft?
- Does legacy protection require a special support contract and additional payment?
- What about devices running Linux?
The platform support provided by K7 EPS extends to Windows XP, ensuring that legacy devices are protected against the latest cyberattacks. Legacy protection is provided out-of-the-box and does not require additional payment. K7 also provides protection for Linux devices.
10. Management Effort
- How easy is it to manage cybersecurity across the organisation?
- Will the existing in-house IT team be sufficient or will additional cybersecurity experts have to be hired?
- Does the solution generate many false positives which require unnecessary investigation?
K7 EPS provides centralised control from the console over all endpoints in the organisation, with group- and policy-based administration for quick and simple cybersecurity management. The solution is designed with an intuitive user interface and many customers manage without user training; expansion of the IT team will not be required. K7 EPS does not generate false positives, reducing IT effort by avoiding investigation of benign files.
11. Enterprise Support
- How quickly and effectively can the vendor’s support team resolve issues?
- Does the solution vendor develop their own technology or do they license it from a third party who will need to be consulted on support issues, delaying resolution?
K7’s support team is located in close proximity to engineering teams, resulting in greater collaboration and quick resolution of issues. K7 EPS is developed entirely in-house and we do not need to consult third parties for issue resolution.
12. Licensing Flexibility
- Does the solution require a single license for the entire enterprise, or does it require one license for each facility?
- If the latter, what is the impact on licensing if users are transferred from one facility to another?
K7 EPS has a single license (multi-server key) for the entire enterprise which avoids the need to keep track of multiple license keys. End users can be shifted from one facility to another without resulting in unused license capacity in one facility and insufficient license capacity in another facility. The organisation’s IT administrator has full control over devices allocated to each K7 server.
- Will the console remain stable, and will endpoints reliably sync with the console for dependable cybersecurity management, as the number of users increase?
When the enterprise expands, the increase in the number of users may result in an unstable console, or unreliable syncing of endpoints with the console, or both, which will impact the organisation’s ability to manage enterprise-wide cybersecurity. The K7 EPS console has been proven to be stable and glitch-free in large deployments. Endpoint syncing with the console is also reliable, allowing the organisation to quickly update cybersecurity policy across the entire organisation if required.
14. Simplified Update
- Does the console need to be reinstalled when an update is available, disrupting cybersecurity and operations?
- Do patches have to be run on each machine individually?
Cybersecurity solutions that require the console to be reinstalled when an update is available create an obstacle to centralised management. The K7 EPS console can implement upgrades (feature updates) without requiring reinstallation, delivering seamless upgrades. Patches can be pushed from the K7 server and do not need to be run individually on each machine.