An endpoint is a physical device that is connected to an internet network with which it communicates. It is one end of a communication channel. Examples of endpoints include:
- Laptops
- Desktops
- Smartphones
- Servers
- Tablets
Campaigns, and the technology they use, are rarely constrained to one location. Candidates, staffers, and volunteers are mobile moving about the community or working remotely.
While they are called endpoints from a network perspective, from the point of view of someone trying to compromise a user, network or campaign, they are entry points.
Some objectives of endpoint attacks include:
- Accessing an endpoint to steal valuable data like internal campaign communications, private documents, donor, and/or voter information.
- Compromising an end point and using it to spread malicious software like ransomware or compromise other devices connected to the network to steal data or disrupt operations.
- Taking control of the device and using it to launch attacks such as a distributed denial-of-service or DDoS attack (either against the campaign or others).
Securing endpoints through software is a type of protection that campaigns should consider. Endpoint software is similar to what we all know as AV or anti-virus software. The software is loaded on individual machines and looks for behaviors that might indicate a compromise, an attack or an attempted attack. on your devices.
Endpoint software and services come in two varieties: managed and unmanaged.
Managed endpoints are services where the software provider monitors the behavior of devices on the network in real time. When suspicious behavior is identified, the threat is either automatically eradicated (if is known and there is a fix), a customer is notified with a fix, or if needed, the customer is notified and given further instructions or hands on help.
Unmanaged endpoints are software that only notifies the user of that device that there is a problem. In some cases, known threats can be eradicated quickly or the threat mitigated, and in some cases additional instructions can be provided to fix the issues. Serious compromises would require some kind of outside intervention to fully mitigate.
Because endpoint software providers protect thousands, if not millions of machines, they have great visibility into what’s happening across the internet concerning threats and malicious behavior. They protect machines across their customer base as they see and develop protections for new threats. For example, if an endpoint protection company had several campaigns as customers and they saw attempts to compromise that campaign and prevented it, they could extend that prevention to other campaigns immediately.
Do you need endpoint protection for your campaign? Decisions around what to use are based on risks and what technology you are using. Generally speaking, some form of endpoint is recommended. If you have a higher risk campaign, you should give serious consideration to a managed endpoint.
Learn More: What is Elastic?
How To: How to Get Started with Elastic
Comments
0 comments
Please sign in to leave a comment.