Revolutionary Endpoint Security Solution for Embedded Devices

By John Macinnis, Phoenix

If there is one singular trend to which IT security administrators, PC manufacturers, knowledge workers, and consumers all pay close attention, it is the continuing rise in both the number and sophistication of hostile cyber-attacks. At the enterprise level, billions have been invested in protecting the 'perimeter' of the network through the widespread adoption of firewall, intrusion prevention, and anti-spam systems in the context of a layered, policy-driven, 'defense-in-depth' security model. For consumers and knowledge workers the story is much the same. Anti-virus, anti-spyware, and personal firewall technologies have become standard features of most new embedded devices.

Despite these significant advances in network and endpoint security, much remains to be done. Today's 'zero-day' or new cyber-threats have evolved into increasingly complex blended attacks that utilize a combination of malicious software code (malware) and social engineering (for example, phishing) designed to infect and destroy endpoint systems, while stealing legitimate digital credentials and identities. These new cyber-crime and cyber-terror attacks targeting the endpoint user will only be defeated by a new blended protection model that assumes every day is zero-day for connected devices. New government mandates in healthcare, financial services, and corporate governance validate our assessment. Simply put, it's time to re-think endpoint security.

In order to comprehensively address the problem of zero-day attacks on network endpoints, the overall level of endpoint protection needs to be dramatically expanded to provide the following:

  • Confidence that your endpoint devices are secure from the start, and incorporate a firmware foundation that provides a trusted execution environment for the OS and endpoint applications
  • Confidence that your endpoint systems can restore themselves, should a zero-day attack effectively infect and crash your operating system and wipe out critical data and applications
  • Confidence that your mobile users can re-connect to your e-support network, even if your endpoint platform has been compromised and can't boot
  • Confidence that your endpoint devices can be identified by your network, so that only known, trusted devices can seamlessly access the network, and password identity theft can be defeated
  • Confidence that your endpoint users can be strongly authenticated through known user attributes, for example, fingerprint biometrics, and only authorized users access the network
  • Confidence that your endpoint password model can be 'hardened' through mutual authentication of both user and network destination or application, and phishing attacks can be defeated
The effective distance between this expanded vision of endpoint confidence in the face of zero day attacks, and today's 'known threat' endpoint security model, is what Phoenix calls the endpoint vulnerability gap. The Phoenix Family of Endpoint Confidence Management (EPCM) Applications is designed to close the endpoint vulnerability gap, and bring dramatically improved endpoint protection and productivity to enterprises, government agencies, knowledge workers, and consumers.

The EPCM Applications have been designed from the ground up to deliver outstanding value to endpoint embedded systems, as well as to new device manufacturers, ISVs, ISPs, and managed security services providers.

John Macinnis is Director of Product Marketing for Phoenix embedded products.