{"id":4844,"date":"2016-09-13T09:00:24","date_gmt":"2016-09-13T14:00:24","guid":{"rendered":"https:\/\/www.poweradmin.com\/blog\/?p=4844"},"modified":"2016-09-13T09:39:32","modified_gmt":"2016-09-13T14:39:32","slug":"endpoint-security-tips","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/endpoint-security-tips\/","title":{"rendered":"Endpoint Security Tips"},"content":{"rendered":"<p><span style=\"font-family: verdana, geneva, sans-serif;\">With BYOD (Bring Your Own Device; either personal, or provided by the enterprise) now an integral part of policy in so many organisations, there\u2019s an increased risk of USB flash drives, laptops, tablets, or smartphones holding sensitive data falling into the wrong hands \u2013 or being compromised in some way that allows malicious intruders to gain access to corporate networks.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">As endpoints to the network, these physical devices require protection to the same extent as your servers, applications and other hardware \u2013 as does the data that they hold, and which passes through them. 
In this article, we\u2019ll be making recommendations to enhance your endpoint security measures.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Look Beyond the Firewall<a href=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/firewall-image.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4845 alignright\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/firewall-image.png\" alt=\"firewall-image\" width=\"360\" height=\"360\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/firewall-image.png 360w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/firewall-image-150x150.png 150w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/firewall-image-300x300.png 300w\" sizes=\"auto, (max-width: 360px) 100vw, 360px\"><\/a><\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">In times past, perimeter defences alone were sufficient to ensure network security. But with mobile devices and removable storage being introduced quite legitimately within the course of a working day by local and remote staff, vendors, contractors, and partners \u2013 any of whom could be wilfully or unwittingly in collusion with malicious intruders \u2013 firewalls and traditional antivirus software are no longer enough.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Security software and tools are now available to scan connecting devices and hardware in real time, granting or refusing access based on their perceived assessment of an endpoint\u2019s security status. 
So you should shop carefully for a solution that\u2019s suited to your particular network environment.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Devise a Security Response Plan<\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">If a malware infection or staged cyber-attack should occur, there won\u2019t be time to look up security archives or refer to online Help, in the heat of the action. So having a structured incident response plan already in place is a must. The plan itself may not prevent an attack from happening, but it will assist hugely in containing the potential damage, and speeding your organisation on the road back to recovery.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Assess Your Risks<\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Your <a href=\"http:\/\/www.computerweekly.com\/feature\/Microsoft-network-endpoint-security-tips-and-tactics\" target=\"_blank\" rel=\"nofollow\">response to threat incidents<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a> will be that much better if you already possess some awareness of the kinds of threats you\u2019re liable to face. So you should perform a risk assessment, to determine your potential vulnerabilities, and to establish what does and doesn\u2019t qualify as a security breach. 
Be on the lookout for things like:<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Denial of Service (DoS) attacks against your network as a whole, or targeting specific applications or resources.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Malware infections affecting single or multiple systems.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Alerts from firewalls, antivirus software, content filters, intrusion detection systems (IDS) or intrusion prevention systems (IPS).<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Unusual activity in your communications channels (email and messaging systems) that might indicate phishing attempts or socially engineered threats.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Cases of unauthorised access to user accounts, network resources, and attempts to gain unsanctioned network privileges.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Users (especially those with administrator rights) being locked out of systems and\/or refused access to applications or network resources.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Misplaced or stolen hardware and storage devices.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Consider All Relevant Hardware <\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Though mobile and removable storage devices may be the focus of your endpoint security efforts, don\u2019t neglect the network peripherals and infrastructure. 
Be sure to factor routers, firewalls, DSL routers, T1 CSU\/DSU systems, etc., into your incident response plans.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Keep a Contact List<\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">If a crisis occurs, you\u2019ll need not only an incident response \/ crisis management team, but also access to specialist help, threat intelligence, and other resources. You may also have an obligation to keep major stakeholders informed, or to alert law enforcement and regulatory authorities about a breach.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Make a list of all essential contacts (email addresses, office, home, and mobile phone numbers, Instant Messaging, websites, etc.) and make it available to everyone involved in managing the crisis.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Identify the Technology You Need<\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Desktop and laptop systems may already be running antivirus suites, anti-malware programs, and personal firewalls. If they\u2019re not, they should be \u2013 at least as a first line of defence. Mobile versions of these applications should also be installed on all BYOD hardware on the network. Additional <a href=\"http:\/\/searchsecurity.techtarget.com\/tutorial\/Endpoint-protection-best-practices-manual-Combating-issues-problems\" target=\"_blank\" rel=\"nofollow\">protection and monitoring of endpoints<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a> may be provided by host intrusion detection systems (HIDS) or host intrusion prevention systems (HIPS). 
Network security providers like OpenDNS may be worth considering.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">It\u2019s important to keep all these security tools updated, and to ensure that any new hardware joining the network is outfitted with the same protection.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Dedicated endpoint security tools are coming into vogue, with technologies ranging from isolating and inspecting the behaviour of suspect files, to sandboxing, and the crowdsourcing of intelligence and remediation tactics to deal with emerging strains of malware. Do some market research, to identify the best-fit products for your organisation.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Map Out Each Incident Response<a href=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/checklist.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4846 alignright\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/checklist.png\" alt=\"checklist\" width=\"360\" height=\"299\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/checklist.png 360w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/09\/checklist-300x249.png 300w\" sizes=\"auto, (max-width: 360px) 100vw, 360px\"><\/a><\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Having identified the threats your network may be vulnerable to or likely to face, you\u2019ll need to map out specific courses of action to take, in dealing with each one. 
Seek input from stakeholders at all levels in your organisation, as they may give you insights into processes and aspects of operations in different departments that could have an impact on the scale and progression of an attack.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Keep Everything Updated<\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Everything: security software, peripheral defences, operating systems, software licences, contact lists, threat intelligence \u2013 and all aspects of your incident response plan.<\/span><\/p>\n<h2><span style=\"font-family: verdana, geneva, sans-serif;\"><b>Remember the Basics<\/b><\/span><\/h2>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">Work habits and the behaviour of users contribute greatly to the security or otherwise of a network, and the <a href=\"http:\/\/blog.dwolla.com\/tips-for-better-information-security\/\" target=\"_blank\" rel=\"nofollow\">standard security protocols<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a> should apply:<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Require strong passwords, and give users access to password management applications to encourage them to keep their passwords difficult to hack, unique for each account, and regularly modified.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Encourage the use of multi-factor authentication for access and login protocols.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Be wary of unsolicited email messages, links, and attachments. Check signatures, headers, and addresses displayed when hovering over linked content. 
And verify the origins of a communication by contacting the sender through other means (e.g. phone, or in person).<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Be cautious when downloading files from the Internet. Check that the source is a legitimate website with a good reputation \u2013 and check all files with antivirus software.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">\u00b7 Keep regular, secured, and tested backups of all essential data, including system images and application software installers.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>With BYOD (Bring Your Own Device; either personal, or provided by the enterprise) now an integral part of policy in so many organisations, there\u2019s an increased risk of USB flash drives, laptops, tablets, or smartphones holding sensitive data falling into the wrong hands \u2013 or being compromised in some way that allows malicious intruders to 
[&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":4845,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,13],"tags":[],"class_list":["post-4844","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-pc-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=4844"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4844\/revisions"}],"predecessor-version":[{"id":4864,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4844\/revisions\/4864"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/4845"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=4844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=4844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=4844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}