Securing Your Endpoints: Anti-Virus Alone is Not Enough
Added by Derek Brink on Jan 4, 2013
Topic: Security & Resiliency
What endpoint security solutions is your company deploying to cope with the ever-evolving security threat landscape? In a previous blog on Securing Your Networks, a similar question was asked about solutions for network security.
The results from Aberdeen’s research are also similar: all respondents (100%) have deployed anti-virus / anti-malware. In addition, more than 4 out of 5 have also deployed technologies such as email (86%) and web (82%) monitoring and filtering; 75% have deployed patch management.
So once again, Aberdeen looked into the obvious question: is endpoint security consisting solely of anti-virus software an effective strategy? Can the differences, if any, between this and a broader defense-in-depth strategy be quantified?
Aberdeen compared companies whose endpoint security is based on anti-virus software alone (e.g., no patch management) with companies whose endpoint security includes anti-virus and a range of other endpoint security solutions.
After normalizing the cost of security incidents in the last 12 months and the total annual cost of the IT Security initiatives as a percentage of annual revenue, it turns out that the anti-virus-only group actually spent 1.5 times more in total. The difference is due to the anti-virus-only group being less effective: it bore the burden of higher costs not avoided (more security-related incidents) in comparison to companies that deployed greater defense-in-depth. The IBM Tivoli Endpoint Manager, built on BigFix technology, is a good example of this approach.
The inclusion of anti-virus solutions as part of the underlying endpoint platform (e.g., Microsoft’s Forefront Endpoint Protection) may mislead some organizations into the erroneous conclusion that "free A/V" is "good enough for me". But not investing in additional endpoint security solutions is actually shown to be a false economy.
The recurring theme: best practice for endpoint security is to adopt a more comprehensive, defense-in-depth approach.