This is the Trace Id: 70c4d5ed58e1aa85dff0472206d277bd
Skip to main content
Microsoft Security
A man is looking at the laptop.

What is an endpoint?

Endpoints are physical devices that connect to a network system such as mobile devices, desktop computers, virtual machines, embedded devices, and servers.
Protect your endpoints

Endpoints defined

Endpoints are physical devices that connect to and exchange information with a computer network. Some examples of endpoints are mobile devices, desktop computers, virtual machines, embedded devices, and servers. Internet-of-Things devices—like cameras, lighting, refrigerators, security systems, smart speakers, and thermostats—are also endpoints. When a device connects to a network, the flow of information between, for instance, a laptop and a network, is much like a conversation between two people over the phone.

Importance of endpoint security

Endpoint security, or endpoint protection, helps protect endpoints from malicious actors and exploits.

Cybercriminals target endpoints because they are doorways to corporate data and by nature vulnerable to attack. They are outside network security and dependent on users to put security measures into place—leaving room for human error. Protecting endpoints from attack has become more challenging as the workforce becomes more distributed, with office-based, remote, and hybrid workers using more devices from anywhere in the world.

Businesses of all sizes are vulnerable. Forty-three percent of cyberattacks involve small businesses, according to a Verizon Data Breach Investigations Report.1 Small businesses are prime targets because they can be entry points for criminals to penetrate even larger companies, and they often don’t have cybersecurity defenses in place.

Endpoint security is essential because data breaches are costly, devastating ordeals for enterprises. The average cost of a data breach is $4.24 million globally and $9.05 million in the United States, according to the Ponemon Institute’s "Cost of a Data Breach Report 2021” (Commissioned by IBM). Breaches involving remote work cost an average of $1.05 million more. Most breach costs—38%—are due to lost business, such as customer turnover, lost revenue due to system downtime, and the cost of acquiring new business due to tarnished reputation.

How endpoint security works

Endpoint security uses a range of processes, services, and solutions to protect endpoints from cyberthreats. The first endpoint security tools were traditional antivirus and antimalware software designed to stop criminals from harming devices, networks, and services. Endpoint security has since evolved to include more advanced, cloud-powered, and comprehensive solutions that help detect threats, investigate, and respond to threats, and manage apps, devices, and users.

Common endpoint security risks

Organizations are increasingly vulnerable to endpoint security threats as more workforces become more mobile. Some of the more common endpoint security risks include:

  1. Phishing, a type of social engineering attack that manipulates targets into sharing sensitive information.
  2. Ransomware, malware that holds victim’s information until a sum of money is paid.
  3. Device loss, one of the leading causes of data breaches for organizations. Lost and stolen devices can also lead to costly regulatory fines.
  4. Outdated patches, which expose vulnerabilities in systems, creating opportunities for bad actors to exploit systems and steal data.
  5. Malware ads, or malvertising, which uses online ads to spread malware and compromise systems.
  6. Drive-by downloads, the automated download of software to a device without the user’s knowledge.



Endpoint security best practices

Safeguarding endpoints can help keep organizational data secure. Follow these best practices to defend against cyberthreats.

Educate users

Employees are the first line of defense in endpoint security. Keep them informed with regular security and compliance training, and alerts.

Encrypt endpoints

Strengthen security with encryption, which adds another layer of protection to devices and data.

Track devices

Keep track of all devices that connect to your network. Update your inventory frequently. Make sure endpoints have the latest software updates and patches.

Enforce strong passwords

Require complex passwords, enforce regular password updates, and prohibit the use of old passwords.

Adopt Zero Trust

Support a Zero Trust security model. Manage and grant access with continual verification of identities, devices, and services.

Keep systems, software, and patches updated

Conduct frequent updates of operating systems, application, and security software.

Endpoint security solutions

Protecting endpoints is critical as the remote workforce continues to grow. Organizations can protect their endpoints with comprehensive endpoint security solutions that support a diverse bring-your-own-devices (BYOD) ecosystem, follow a Zero Trust security approach, and manage devices without disrupting business.
Resources

Learn more about Microsoft Security

  1.
A man and woman sitting at a table, with the woman writing on a book and a laptop visible.

Complete endpoint security

Discover how to secure Windows, macOS, Linux, Android, iOS, and network devices against threats with Microsoft Defender for Endpoint.
Learn more
A person sitting at a desk using a laptop.

Flexible endpoint management

Deploy endpoint security and device management in a unified management platform with Microsoft Intune.
Learn more
A woman looking at her mobile phone.

Endpoint security for small businesses

Get enterprise-grade endpoint security that’s cost-effective and easy to use with Microsoft Defender for Business.
Learn more
A group of three people in a bright office, smiling and engaged as they look at a laptop held by one person.

Productive hybrid work

Empower employees and build more security into your hybrid workplace with the right endpoint modernization strategy.
Get the e-book
A woman in a black coat looking at her phone near a yellow sign with a black arrow.

Secure remote work

Extend protection to devices using Microsoft solutions so remote employees can stay secure.
Learn more
A woman holding a tablet.

Microsoft Defender XDR

Disrupt cross-domain attacks with the expanded visibility and unrivaled AI of a unified XDR solution.
Learn more
Back to Resources section
FAQ

Frequently asked questions

  • Endpoints are devices that connect to and exchange information with a computer network. Here are some examples of endpoints:

    • Smartphones
    • Tablets
    • Desktops
    • Laptops
    • Workstations
    • Servers
    • Internet-of-Things devices like cameras, lighting, refrigerators, security systems, smart speakers, and thermostats
  • Devices that a network runs on are not endpoints—they’re customer premise equipment (CPE). Here are examples of CPE that aren’t endpoints:

    • firewalls
    • load balancers
    • network gateways
    • routers
    • switches
  • Endpoint security covers a range of services, strategies, and solutions including:

    • Analytics
    • Antivirus and antimalware
    • Device control
    • Endpoint detection and response (EDR)
    • Endpoint protection platforms
    • Exploit protection
    • Extended detection and response (XDR)
    • Network security tools
    • Network traffic analysis
    • SIEM
    • Web filtering
  • Endpoint protection helps protect endpoints—devices like laptops and smartphones that connect to a network—from malicious actors and exploits.

    Cybercriminals target endpoints because they can help attackers gain access to corporate networks. Organizations of all sizes are vulnerable because attackers are constantly developing new ways to steal their valuable data.

    Endpoint protection helps keep customer data, employees, critical systems, and intellectual property safe from cyber criminals.
  • An application programming interface, or API, is a connection that makes it possible for computers or computer programs to interact with each other. APIs allow us to share important data between applications, devices, and individuals. A useful way to think of APIs as a waiter in a restaurant. A waiter takes a customer’s order, gives it to the cook, and brings the meal to the customer. Similarly, an API gets a request from an application, interacts with a server or data source to process a response, and then delivers that response to the application.

    Here are a few examples of common APIs used in everyday life:

    • Weather apps use APIs to get meteorological information from a third party
    • Paying with PayPal uses APIs, so online shoppers can make their purchases without logging into their financial institutions directly or exposing sensitive information
    • Travel sites use APIs to collect information on flights and share the lowest price options

    An endpoint is a device like a smartphone or laptop that connects to a network.

    An API endpoint is the URL of a server or service.

Follow Microsoft Security