What is endpoint detection and response?

Businesses use the Internet to collect customer data and collaborate on company projects, and cybercriminals organize intricate attacks on the networks that support this work. These attacks aim to exploit the business either by hijacking highly valuable data and files from the network in exchange for money, causing a major disruption in the business’s operations, or by using the data in a fraudulent manner.

But, just as cybercriminals are working hard to infiltrate networks, businesses are investing resources into protecting their networks from cyber attacks. Primarily, businesses are acknowledging that their networks are most vulnerable to attacks through various endpoints within their network, and so, they are investing in software that will protect those endpoints from attack.

So, what is an endpoint and how do cybercriminals use endpoint devices to attack networks?

What is an Endpoint Device?

An endpoint device is a remote computing device that communicates with a network to which it is connected. In short, an endpoint device is a piece of hardware that connects with a network directly or through a computer. Some examples of endpoint devices include:

  • Storage devices: USBs, CD/DVD, Floppy, Tape, External Hard Drives, Firewire, SD Card, MM Card
  • Wireless Devices: Bluetooth, Infrared, WiFi
  • Ports: Serial, Parallel
  • Imaging Devices: Digital Camera, Scanner, Webcam
  • Portable Devices: Smartphones, Tablets
  • Sound Cards
  • USB Ethernet Adapters

USB memory sticks are common endpoint devices.

Why is Endpoint Security Important?

The importance of endpoint security continues to escalate as cybercriminal organizations develop more advanced technologies to infiltrate networks. When these organizations infiltrate networks, they are capable of uploading malware to damage expensive machines and, even worse, breach valuable data. And, with the rise of government policies and regulations such as the European Union’s General Data Protection Regulation (GDPR), companies and organizations are more liable than ever for the proper storage and protection of customer data.

What is Endpoint Detection and Response?

Endpoint detection and response is an emerging field of cybersecurity that aims to protect networks from cyber attacks. The purpose of endpoint detection and response technology is to detect, contain, investigate, and eliminate network threats and attacks. This technology is critical for improving an organization’s data loss prevention capabilities. 

By implementing endpoint detection and response technology in their network, companies and organizations can be sure that their machines and data are secure from cyber-attacks. And in the case of a successful attack, endpoint detection and response will be able to identify the root of the attack in order to eliminate it from the network and to help prosecute the cybercriminals.

What is the Best Endpoint Detection and Response Technology?

The best endpoint detection and response technology will boast the security needed to protect networks from cyberattacks. This means that the technology should receive constant updates as cybercriminals continue to develop new ways to infiltrate and attack networks.

As technologically advanced as the endpoint detection and response (EDR) product should be, it should also be intuitive and user-friendly for administrators to operate. Depending on the size of the business or organization, the IT skills of the administrators or managers responsible for operating the EDR technology will vary. For this reason, the EDR technology should be relatively easy to use when administrators need to investigate a potential threat or eliminate an actual attack.

Based upon the criteria of technology and ease-of-use, CurrentWare AccessPatrol is the best endpoint detection and response product available.

How Does AccessPatrol Work?

CurrentWare AccessPatrol has been designed and developed to equip administrators with the technology needed to successfully detect, contain, investigate, and eliminate endpoint threats and attacks.

Detect: Create reports to detect which endpoint devices were connected to the network and from where within the network they were connected, as well as any files that were transferred to or from those endpoint devices.


Detect which endpoint devices accessed your network with the All Devices Accessed report.

Contain: Configure endpoint device access settings to contain file transfers. For example, storage devices such as USBs or external hard drives can be set to “Read Only” mode which will prevent any file transfers to or from the endpoint device.


Configure the Read Only setting to prevent the transfer, deletion, copy, or editing of all files on the endpoint device.

Investigate: Create reports to determine file transfer history between endpoint devices in order to determine the origin of the threat or attack.


Determine which files were transferred between endpoint devices on the network with the File Transfer History report.

Eliminate: Eliminate the threat or attack by determining where it is located within the network through endpoint device reports.

How Much Does AccessPatrol Cost?

CurrentWare’s solutions can be purchased individually for the greatest flexibility or as a bundle for the best value. When purchasing individually, BrowseReporter, BrowseControl, and AccessPatrol start at $3.99 USD per license per month (paid annually).

Volume license discounts are available starting at as few as 100 users, with discounts increasing depending on the number of licenses.

There are additional discounts available for educational organizations, non-profits, managed services providers, and for businesses that pre-purchase multiple year plans.  

Looking for a quote? Contact our sales team here.


Sai Kit Chu
Sai Kit Chu is a Product Manager with CurrentWare. He enjoys helping businesses improve their employee productivity & data loss prevention efforts through the deployment of the CurrentWare solutions.