{{Short description|Aspect of computer network security}} {{Multiple issues| {{tone|date = February 2026}} {{citationstyle|date = February 2026}} {{Independent sources|date=February 2026}} }}
'''Endpoint security''' or '''endpoint protection''' is an approach to the protection of computer networks that are remotely bridged to client devices. The connection of endpoint devices such as laptops, tablets, mobile phones, Internet-of-things devices, and other wireless devices to corporate networks creates attack paths for security threats.<ref>{{cite web |url=http://searchsecurity.techtarget.com/definition/endpoint-security-management |title=Endpoint security management overview |access-date=2015-07-22}}</ref><ref>{{cite web |url=https://enterprise.comodo.com/blog/what-is-endpoint-security/ |title=What is endpoint security and how does it work? |access-date=2015-08-21}}</ref> Endpoint security attempts to ensure that such devices follow a definite level of compliance to standards.<ref>{{cite web |url=http://www.webopedia.com/TERM/E/endpoint_security.html |title= What is endpoint security? |access-date=2015-07-22}}</ref>
The endpoint security space has evolved during the 2010s away from limited antivirus software and into a more advanced, comprehensive defense. This includes next-generation antivirus, threat detection, investigation, and response, device management, data leak protection (DLP), and other considerations to face evolving threats.
==Corporate network security== Endpoint security management is a software approach that helps to identify and manage the users' computer and data access over a corporate network.<ref>{{cite web |url=https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security |title=What is endpoint security? - Palo Alto Networks}}</ref><ref>{{cite web | url=https://www.comodo.com/endpoint-protection-sme/ |title= Endpoint security & network protection |access-date=2015-10-07 }}</ref> This allows the network administrator to restrict the use of sensitive data as well as certain website access to specific users, to maintain, and comply with the organization's policies and standards. The components involved in aligning the endpoint security management systems include a virtual private network (VPN) client, an operating system and an updated endpoint agent.<ref>{{cite web |url=http://www.usg.edu/information_technology_handbook/section5/C2101 |title=Endpoint security standard |date=2015-10-07}}</ref> Computer devices that are not in compliance with the organization's policy are provisioned with limited access to a virtual LAN.<ref>{{cite book|date=2015-10-07 |title=Endpoint security and compliance management design guide |url=https://books.google.com/books?id=AqtwjXyw0mQC |publisher=Redbooks }}</ref> Encrypting data on endpoints, and removable storage devices help to protect against data leaks.<ref>{{Cite web|url=https://www.forcepoint.com/cyber-edu/endpoint-security|title=What is Endpoint Security?|date=2018-08-09|website=Forcepoint|language=en|access-date=2019-08-14}}</ref>
===Client and server model=== Endpoint security systems operate on a client-server model, with the security program controlled by a centrally managed host server pinned{{clarify|date=February 2016}} with a client program that is installed on all the network drives.<ref>{{cite web| url=https://technet.microsoft.com/en-us/network/jj991833.aspx |title= Centrally managed host server |publisher=Microsoft |date=2015-10-07}}</ref><ref>{{cite web| url= http://www.exforsys.com/tutorials/client-server/client-server-security.html|title=Client-server security |publisher=Exforsys}}</ref> There is another model called software as a service (SaaS), where the security programs and the host server are maintained remotely by the merchant. In the payment card industry, the contribution from both the delivery models is that the server program verifies and authenticates the user login credentials and performs a device scan to check if it complies with designated corporate security standards prior to permitting network access.<ref>{{Cite web|url=https://check-caller.net/guide/why-is-mobile-security-important|title=mobile devices especially vulnerable}}</ref><ref>{{cite web |url=https://www.pcisecuritystandards.org/documents/PCI%20SSC%20Quick%20Reference%20Guide.pdf |title=PCI and Data Security Standard|date=2015-10-07| format=pdf}}</ref>
In addition to protecting an organization's endpoints from potential threats, endpoint security allows IT admins to monitor operation functions and data backup strategies.<ref>{{Cite web|url=https://searchsecurity.techtarget.com/feature/12-essential-features-of-advanced-endpoint-security-tools|title=12 essential features of advanced endpoint security tools|website=SearchSecurity|language=en|access-date=2019-08-14}}</ref>
== Endpoint protection platforms ==
An endpoint protection platform (EPP) is a solution deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.<ref>{{Cite web|url=https://www.gartner.com/en/information-technology/glossary/endpoint-protection-platform-epp|title=Definition of Endpoint Protection Platform|website=Gartner|language=en|access-date=2021-09-02}}</ref> Several vendors produce systems converging EPP systems with endpoint detection and response (EDR) platforms – systems focused on threat detection, response, and unified monitoring.<ref>{{cite web |url= https://www.gartner.com/doc/reprints?id=1-1OCBC1P5&ct=190731&st=sb|title= Magic Quadrant for Endpoint Protection Platforms|website= Gartner|date= 20 August 2019|access-date= 22 November 2019}}</ref>
== Regulatory requirements ==
Endpoint security measures are mandated or recommended by several regulatory frameworks governing the protection of sensitive data. In the healthcare sector, a December 2024 Notice of Proposed Rulemaking (NPRM) to update the HIPAA Security Rule proposes specific endpoint-level requirements for systems that process electronic protected health information (ePHI), including mandatory deployment of anti-malware protection, removal of extraneous software, and disabling of network ports not required by the organization's risk analysis.<ref>{{cite web |url=https://www.federalregister.gov/documents/2025/01/06/2024-30983/hipaa-security-rule-to-strengthen-the-cybersecurity-of-electronic-protected-health-information |title=HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information |publisher=Federal Register |date=2025-01-06 |access-date=2026-03-18}}</ref> The proposed rule would also require encryption of ePHI at rest on endpoint devices and multi-factor authentication for all systems containing ePHI.<ref>{{cite web |url=https://www.hhs.gov/hipaa/for-professionals/security/hipaa-security-rule-nprm/index.html |title=HIPAA Security Rule NPRM |publisher=U.S. Department of Health and Human Services |access-date=2026-03-18}}</ref>
The Payment Card Industry Data Security Standard (PCI DSS) similarly requires organizations to maintain anti-malware programs on all systems commonly affected by malicious software and to develop secure system configurations by removing unnecessary functionality from devices that process cardholder data.<ref>{{cite web |url=https://www.pcisecuritystandards.org/standards/pci-dss/ |title=PCI DSS |publisher=PCI Security Standards Council |access-date=2026-03-18}}</ref>
==See also==
* Network security * Internet security
==References== {{Reflist}}
Category:Security technology