When it comes to data security, few people really understand the ins and outs of how and when data is most vulnerable. If you think of data as something valuable, like art, money or anything else of value, then it is easier to understand both when it becomes vulnerable and how to protect it. When it comes to taking anything of value, there are two ways to do it. Either take it when it is in transit or break into a secure location. The truth is, data, like anything else of value, is most valuable when it is in transit. Conversely, however, whatever you are able to take in transit is likely to be far less than what you may get if you break into a secure location where valuables are stored. Think of it as the difference between stealing the Mona Lisa versus breaking into the Louvre and stealing everything there.
What is an Endpoint?
Any place where a bulk of data is secured and stored is called an endpoint. Small amounts of data are often moving at any time from endpoint to endpoint, during which time they can easily be intercepted. Usually, however, the amount of data that can be intercepted during transmission is generally fairly small in comparison to what is stored in an endpoint itself. Endpoints are also incredibly susceptible to other types of mischief or even outright crimes such as becoming infected with worms or viruses that can corrupt data, eat up hard drive space or even create backdoors for hackers and data thieves.
Types of Threats to Endpoints
Just like with guarding physical valuables, the ways in which you secure data while it is in transmission are different than those meant to secure data at an endpoint. For one thing, the goal is not always to steal data but sometimes to tamper with it. Endpoint access can also mean the difference between a somewhat harmless ransomware attack and a legitimate threat. Different types of ransomware present different levels of threat. Some types of ransomware are often referred to as scareware because they are nothing more than a pop-up that tells you your computer has been infected, when in fact, it has not. While the pop-up may be annoying (and you may pay a small fee just to get rid of it) it hasn't actually penetrated your data storage device, server or files.
More malicious types of ransomware, however, can actually infect files and encrypt them. Theoretically, you pay a ransom for an encryption key which can decrypt them but in truth there is never any guarantee that by paying the ransom you will ever recover your files. This is, in part, why endpoint security is so important. The endpoints are the places where all of your most valuable files are stored, so securing them is of utmost importance. Many businesses operate in high stakes fields where competitors may not be above eliminating the competition by simply introducing a virus that destroys all their files. In some cases, businesses can be crippled if the valuable data they store is tampered with. Imagine a large pharmaceutical company that is hacked and the results of expensive studies tampered with. Even if no data is stolen, the results of those expensive studies can no longer be trusted, which is just money down the drain for the business.
While it is not always the goal, stealing data from endpoints is also sometimes a goal. Another way to secure endpoints is with encryption. Encryption helps to ensure that if data is ever stolen, it won't do the theives much good. If they can't read it, they can't use it or sell it. Unfortunately, while encrypting your data is important it is also important to not store the encryption key in the same location as the encrpyted data. That is similar to locking your house, but then leaving the key in the door. Locking the door doesn't do you a whole lot of good if you leave the key right out where anyone can find it.
While data may be more vulnerable while it is in transmission, that doesn't mean it is automatically secure in and endpoint. Endpoints store your most valuable data, so they deserve to be guarded and protected carefully.
Ready for the next step?
Spot user behaviors and device information that’s suspicious, and stop those fraudsters in real time. We track billions of devices and our fraud analysts add evidence to make this intelligence even more effective.