An endpoint is any connected device used to access an organization's data and network resources. Looking at how to handle endpoint devices in order to safeguard the data assets that can be accessed through these systems is a challenging job for security administrators.
This becomes more complicated for security administrators when you allow employees to Bring Your Own Device (BYOD). Futuristic technology such as IoTs are also considered as endpoints.
The following diagram shows a hierarchy for different types of assets found in any organization network. The bottom-to-top approach reflects device counts and business values in terms of risk. As far as the counts are concerned, there are more end-user devices than anything else among the endpoints, with relatively fewer network devices and business-critical endpoints:
From a business point of view, the pyramid shows a risk of being compromised. Devices at the bottom of the pyramid are more vulnerable to serious threats, and this opens the door for an attacker to move toward high level assets. The higher an attacker climbs on the pyramid, the bigger the impact is.