A Simple Guide to Better Endpoint Protection

James Ogier
Author
24th October 2022
Information Security

A Simple Guide to Better Endpoint Protection

Endpoints make up much of a company’s network and IT infrastructure. This is a collection of computers, mobile devices, servers, and smart gadgets, as well as other IoT devices that all connect to the company network.

The number of endpoints a company has will vary by business size. Companies with less than 50 employees have about 22 endpoints, small businesses with 50-100 employees have roughly 114, and enterprise organisations with 1,000+ employees average 1,920 endpoints. Each of those devices is a chance for a hacker to penetrate a company’s defences. An endpoint security strategy addresses endpoint risk and puts focused tactics in place.

64% of organisations have experienced at least one compromising endpoint attack. In this guide, we’ll provide you with straightforward solutions focused on protection of endpoint devices.

Address Password Vulnerabilities

Passwords are one of the biggest vulnerabilities when it comes to endpoints. The news reports large data breaches all the time related to leaked passwords. For example, the RockYou2021 breach which exposed the largest number of passwords ever – a whopping 3.2 billion. Poor password security and breaches make credential theft one of the biggest dangers to cyber security. Address password vulnerabilities in your endpoints by:

  • Training employees on proper password creation and handling
  • Look for passwordless solutions, like biometrics
  • Install multi-factor authentication (MFA) on all accounts

Stop Malware Infection Before OS Boot

USB drives are a popular giveaway item at trade shows, but an innocent-looking USB can actually cause a breach. One trick that hackers use to gain access to a computer is to boot it from a USB device containing malicious code, but luckily there are certain precautions you can take to prevent this from happening. One of these is ensuring you’re using firmware protection that covers two areas. These include Trusted Platform Module (TPM) and Unified Extensible Firmware Interface (UEFI) Security. TPM is resistant to physical tampering and tampering via malware. It looks at whether the boot process is occurring properly. It also monitors for the presence of anomalous behaviour. Additionally, seek devices and security solutions that allow you to disable USB boots.

Update All Endpoint Security Solutions

You should regularly update your endpoint security solutions. It’s best to automate software updates if possible so they aren’t left to chance. Firmware updates are often forgotten about. One reason is that they don’t usually pop up the same types of warnings as software updates. But they are just as important for ensuring your devices remain secure and protected. It’s best to have an IT professional managing all your endpoint updates. They’ll make sure updates happen in a timely fashion and ensure that devices and software update smoothly.

Use Modern Device & User Authentication

How are you authenticating users to access your network, business apps, and data? If you are using only a username and password, then your company is at high risk of a breach. Use two modern methods for authentication:

  • Contextual authentication
  • Zero Trust approach

Contextual authentication takes MFA a step further. It looks at context-based cues for authentication and security policies. These include several things, such as, what time of day someone is logging in, their geographic location, and the device they are using. Zero Trust is an approach that continuously monitors your network. It ensures every entity in a network belongs there. Safe listing of devices is an example of this approach. You approve all devices for access to your network and block all others by default.

Apply Security Policies Throughout the Device Lifecycle

From the time a device is first purchased to the time it retires, you need to have security protocols in place. Tools like Microsoft Autopilot and SEMM allow companies to automate. They deploy healthy security practices across each lifecycle phase. This ensures a company doesn’t miss any critical steps Examples of device lifecycle security include when a device is first issued to a user. This is when you should remove unnecessary privileges. When a device moves from one user to another, it needs to be properly cleaned of old data. And reconfigured for the new user. When you retire a device, it should be properly scrubbed. This means deleting all information and disconnecting it from any accounts.

Prepare for Device Loss or Theft

Unfortunately, mobile devices and laptops get lost or stolen. When that happens, you should have a sequence of events that can take place immediately. This prevents company risk of data and exposed business accounts. Prepare in advance for potential device loss through backup solutions. Also, you should use endpoint security that allows remote lock and wipe for devices.

Want Help Reducing Your Endpoint Risk?

We can help you put robust endpoint security in place, step by step. Contact us to get things started with a free consultation.

James Ogier

James has worked at Resolution IT for 8 years, after a period in the aviation industry. After 7 years working in our Information Security team, guiding clients on security best practices, he now works as a Senior Consultant in our Service Delivery team.

James has earned the ISC2 SSCP (Systems Security Certified Practitioner) and is able to certify organisations to the Cyber Essentials and IASME governance standards. He also holds Microsoft MCSA Windows 8 and 10 certifications, CompTIA A+, Network+ and Security+ accreditations, as well being a Certified ISO 27001 ISMS Lead Implementer.

Career opportunities

If you’re looking for your next career move and seeking opportunities offering professional development, rewards and success, then come and talk to us at Resolution IT.

Ready to begin a partnership with us?

Contact Form

"*" indicates required fields

Send us a message

This field is for validation purposes and should be left unchanged.