Protecting your home computer/network from malware is one thing but securing all digital devices in your business is a wholly different challenge. Installing a separate premium antivirus solution on each and every device is not only inefficient and very costly but it also doesn’t give you the opportunity to monitor and manage those devices remotely, at any given time.
Kaspersky Endpoint Security Cloud Plus
In today’s software review, we will introduce you to Kaspersky Endpoint Security Cloud Plus – a potent security service that allows owners of mid-sized businesses to both protect all endpoints (PC Mac, iOS, Android, Windows Server) from malware as well as to constantly monitor what’s happening on those endpoints and manage their security settings.
There are several such products on the cyber-security market and Kaspersky’s offering seems to be lagging behind a bit from some of its competitors in terms of features. However, this is still a solid endpoint protection service and, in the next lines, we will tell you everything you need to know about to be able to decide if this is a good option for you and whether you should give it a try. Plus premium Kaspersky Endpoint Security solution – there is a lower-tier one called simply Kaspersky Endpoint Security Cloud. This one offers fewer features, including some essential ones, so we will mainly be focusing on the Plus version. We will tell you which of the Kaspersky Endpoint Security Cloud Plus features are exclusive for this package so that you know what you won’t get if you decide to go for the lower-tier variant.
Interface and usability
One of the points that Kaspersky sells its Endpoint Security product on is its cloud-based interface. Kaspersky Endpoint Security Cloud Plus is what is known as a SaaS – software as a service. The idea here is that you can access all of the functions, features, and settings of the tool from within your browser, without the need to download, install, and update the tool on your computer.
Once you purchase the service, you will need to create an account and sign in with your username and password. After that, you will be taken through the process of setting up the security tool for your company. Most of the configuration steps can be skipped and you can address those settings at a later time. Something we liked here is that the configuration steps you are shown on the landing page of the service are shown in order of their priority so that you always start with the most important things you ought to configure, making the whole process easier and more streamlined.
Endpoint deployment is also easy, even for less-experienced users. There are several ways you can add an endpoint to the protective “umbrella”. The main/recommended method is by adding the administrator users of the endpoints you want to protect by providing their email addresses. After you do that, Kaspersky Endpoint Security Cloud Plus will automatically send email messages to those users with instructions on how to set up the endpoint client on their devices.
The other way to add protected endpoints is if you have an Active Directory server in your network. In this case, you can task the administration wizard of Kaspersky Endpoint Security Cloud Plus to automatically deploy endpoint clients to the devices you wish to protect.
Once endpoints have been deployed, it’s time to set up their security profiles. There is a default profile that you can use if you want, but its recommended that you take the time to create a profile/profiles that are better fitted to your specific needs. Here, Kaspersky Endpoint Security Cloud Plus shines with its ability to assign a different security profile for each separate endpoint – a feature that is not available on some of its competitors. The available profile settings are separated into two big groups: security and management, with security covering the settings related to enabling/disabling different types of protection (web, network, mail, firewall), and management focusing on settings that help you control and monitor the endpoints.
Kaspersky Endpoint Security Cloud and Kaspersky Endpoint Security Cloud Plus both will keep your endpoints secure against different kinds of malware (including Ransomware). They offer file, mail, web, and network protection for all devices connected to the network and will automatically scan files that are saved, run, or opened. Kaspersky Endpoint Security Cloud/Kaspersky Endpoint Security Cloud Plus also keeps an eye out for insecure Internet traffic and network connections, blocking them if it determines they represent a threat to any of your endpoints. There’s even a feature that allows you to roll back malicious actions that have been performed by malware on the attacked device, which could be a possible mechanism for dealing with files that have been encrypted by Ransomware though it’s worth noting this may not work against all Ransomware representatives.
A highlight of Kaspersky’s Endpoint Security suite is its BSS (Behavior Stream Signatures) function that will monitor all apps on the protected endpoints and look out for behavioral patterns that are typical for malicious software. This could help with detecting harmful programs that are not yet included in Kaspersky’s malware database. Such threats are commonly known as Zero-Day malware and they are the most problematic and difficult to stop form of malicious software so it is essential that your choice for a security solution has a reliable behavior monitoring for all endpoints in the network.
Both Kaspersky packages also give you a helpful vulnerability scanner that will determine if there are any software or settings vulnerabilities across all endpoint devices and help you fix them remotely. It will notify you about outdated software, important security features that are disabled, and even provide you with a list of all available security patches that need to be installed. The Plus version also includes an automated patch installation so that patch management will happen automatically, without the need for you to manually install new security updates.
Most of the advanced management features are only available with Kaspersky Endpoint Security Cloud Plus so if you want to have greater control over your endpoints, this is the option you should probably go with. Here are the extra features that the Kaspersky Endpoint Security Cloud Plus in terms of management functionality:
Cloud Discovery is the only feature from this list that is also available with the tier-one package. It allows you to monitor the activity on the endpoint devices and see the cloud services accessed by the device’s user. It also provides information about time spent on social media networks so that you know how much time is wasted there. Cloud Discovery will monitor both access to cloud services/social media via the browser as well as via dedicated desktop/mobile apps.
Cloud Blocking and Web Control are two features that build upon Cloud Discovery by enabling you to set limits to the types of cloud resources and online content that the endpoints’ users can access. With Cloud Blocking, you can block access to different forms of social media or cloud services you don’t want to be accessed from your endpoints. Web Control gives you a similar option, but this time the access-control is based on the type of content that a site has or the geographical location of its servers.
Device Control further expands the control you have over your endpoints by allowing you to manage the user access to external devices that get connected to the endpoint computers.
The Encryption management feature allows you remotely to encrypt important data on the endpoint devices so that it cannot be accessed by unauthorized third-parties should the device become lost or gets stolen.
Lastly, Kaspersky Endpoint Security Cloud Plus also gives all your endpoints protection for Microsoft Office 365, making this security suite a good fit for business owners who use Microsoft Office on their workstations.
The Plus version of Kaspersky Endpoint Security costs $513.70 ($51,37 per device), which is a discounted price at the moment of writing this article. The original price is $685.00 ($68.50 per device). This plan includes protection for 10 endpoints, which is the minimum number of endpoints that you can protect with Kaspersky (the maximum is 150). As expected, rising the number of devices decreases the effective price per device, so if you get a license for Kaspersky Endpoint Security Plus for 20 endpoints instead of 10, you will have to pay $870.00 and the effective price per a protected endpoint would be $43.00.
All of the aforementioned prices are for one-year licenses. If you go for a two-year license (which is the only other option), the price per endpoint also gets decreased. A two-year license for 10 devices will also cost you $870.
Comparing Kaspersky Endpoint Security Cloud Plus to the tier-one package, the increase in price is significant (the current price for the lower-tier option is $322.50) and so if you aren’t sure you need all the added manageability features and are mostly interested in protecting your endpoint devices from external threats, then sticking with the less expensive package might be the better option. However, if you arrived at the point where you are considering getting an endpoint security solution for your business network, it is likely that advanced features are exactly the thing you are looking for, in which case it’s recommended that you go for the Plus package. A big part of the decision here depends on the human factor, namely, your employees. If you have many employees and don’t personally know them very well, increased control over your endpoints is indeed recommended. If, on the other hand, your business is still small and you know the people who are working for you, then, maybe, the Plus package isn’t all that needed.
Kaspersky Endpoint Security Cloud is a solid choice for every business owner who needs to remotely protect, manage, and closely monitor what’s going on the different devices that form their working network. Unfortunately, almost all of the advanced endpoint control tools are only available with the Plus package, and the regular tier-one version, for the most part, only focuses on protection and security from outside threats without giving you many ways to control your endpoints. Some competing endpoint security solutions provide management/control options even with their lower-tier packages so that’s worth keeping in mind.
That said, we have very little (if any) complaints from the functionality of Kaspersky Endpoint Security Cloud Plus and its cloud-based interface makes protecting and monitoring the devices in your business network at any time all the easier.