What is an endpoint?

Endpoints are physical devices that connect to a network system such as mobile devices, desktop computers, virtual machines, embedded devices, and servers.

Endpoints defined

Endpoints are physical devices that connect to and exchange information with a computer network. Some examples of endpoints are mobile devices, desktop computers, virtual machines, embedded devices, and servers. Internet-of-Things devices—like cameras, lighting, refrigerators, security systems, smart speakers, and thermostats—are also endpoints. When a device connects to a network, the flow of information between, say, a laptop and a network is much like a conversation between two people over the phone.

Importance of endpoint security

Endpoint security, or endpoint protection, helps protect endpoints from malicious actors and exploits.

 

Cybercriminals target endpoints because they are doorways to corporate data and by nature vulnerable to attack. They are outside network security and dependent on users to put security measures into place—leaving room for human error. Protecting endpoints from attack has become more challenging as the workforce becomes more distributed, with office-based, remote, and hybrid workers using more devices from anywhere in the world.

 

Businesses of all sizes are vulnerable. Forty-three percent of cyberattacks involve small businesses, according to a Verizon Data Breach Investigations Report.1 Small businesses are prime targets because they can be entry points for criminals to penetrate even larger companies, and they often don’t have cybersecurity defenses in place.

 

Endpoint security is essential because data breaches are costly, devastating ordeals for enterprises. The average cost of a data breach is $4.24 million globally and $9.05 million in the United States, according to the Ponemon Institute’s "Cost of a Data Breach Report 2021” (Commissioned by IBM). Breaches involving remote work cost an average of $1.05 million more. Most breach costs—38%—are due to lost business, such as customer turnover, lost revenue due to system downtime, and the cost of acquiring new business due to tarnished reputation.

How endpoint security works

Endpoint security uses a range of processes, services, and solutions to protect endpoints from cyberthreats. The first endpoint security tools were traditional antivirus and antimalware software designed to stop criminals from harming devices, networks, and services. Endpoint security has since evolved to include more advanced, cloud-powered, and comprehensive solutions that help detect threats, investigate, and respond to threats, and manage apps, devices, and users.

Common endpoint security risks

Organizations are increasingly vulnerable to endpoint security threats as more workforces become more mobile. Some of the more common endpoint security risks include:

  1. Phishing, a type of social engineering attack that manipulates targets into sharing sensitive information.
  2. Ransomware, malware that holds victim’s information until a sum of money is paid.
  3. Device loss, one of the leading causes of data breaches for organizations. Lost and stolen devices can also lead to costly regulatory fines.
  4. Outdated patches, which expose vulnerabilities in systems, creating opportunities for bad actors to exploit systems and steal data.
  5. Malware ads, or malvertising, which uses online ads to spread malware and compromise systems.
  6. Drive-by downloads, the automated download of software to a device without the user’s knowledge.

Endpoint security best practices

Safeguarding endpoints can help keep organizational data secure. Follow these best practices to defend against cyberthreats.

  • Educate users

    Employees are the first line of defense in endpoint security. Keep them informed with regular security and compliance training, and alerts.

  • Track devices

    Keep track of all devices that connect to your network. Update your inventory frequently. Make sure endpoints have the latest software updates and patches.

  • Adopt Zero Trust

    Support a Zero Trust security model. Manage and grant access with continual verification of identities, devices, and services.

  • Encrypt endpoints

    Strengthen security with encryption, which adds another layer of protection to devices and data.

  • Enforce strong passwords

    Require complex passwords, enforce regular password updates, and prohibit the use of old passwords.

  • Keep systems, software, and patches updated

    Conduct frequent updates of operating systems, application, and security software.

Endpoint security solutions

Protecting endpoints is critical as the remote workforce continues to grow. Organizations can protect their endpoints with comprehensive endpoint security solutions that support a diverse bring-your-own-devices (BYOD) ecosystem, follow a Zero Trust security approach, and manage devices without disrupting business.

Learn more about Microsoft Security

Frequently asked questions

|

Endpoints are devices that connect to and exchange information with a computer network. Here are some examples of endpoints:

  • Smartphones
  • Tablets
  • Desktops
  • Laptops
  • Workstations
  • Servers
  • Internet-of-Things devices like cameras, lighting, refrigerators, security systems, smart speakers, and thermostats

Devices that a network runs on are not endpoints—they’re customer premise equipment (CPE). Here are examples of CPE that aren’t endpoints:

  • firewalls
  • load balancers
  • network gateways
  • routers
  • switches

Endpoint security covers a range of services, strategies, and solutions including:

  • Analytics
  • Antivirus and antimalware
  • Device control
  • Endpoint detection and response (EDR)
  • Endpoint protection platforms
  • Exploit protection
  • Extended detection and response (XDR)
  • Network security tools
  • Network traffic analysis
  • SIEM
  • Web filtering

Endpoint protection helps protect endpoints—devices like laptops and smartphones that connect to a network—from malicious actors and exploits.

 

Cybercriminals target endpoints because they can help attackers gain access to corporate networks. Organizations of all sizes are vulnerable because attackers are constantly developing new ways to steal their valuable data.

 

Endpoint protection helps keep customer data, employees, critical systems, and intellectual property safe from cyber criminals.

An application programming interface, or API, is a connection that makes it possible for computers or computer programs to interact with each other. APIs allow us to share important data between applications, devices, and individuals. A useful way to think of APIs as a waiter in a restaurant. A waiter takes a customer’s order, gives it to the cook, and brings the meal to the customer. Similarly, an API gets a request from an application, interacts with a server or data source to process a response, and then delivers that response to the application.

 

Here are a few examples of common APIs used in everyday life:

  • Weather apps use APIs to get meteorological information from a third party
  • Paying with PayPal uses APIs so online shoppers can make their purchases without logging into their financial institutions directly or exposing sensitive information
  • Travel sites use APIs to collect information on flights and share the lowest price options

An endpoint is a device like a smartphone or laptop that connects to a network.

 

An API endpoint is the URL of a server or service.