This is the sixth in a series about the concept of Zero Trust, which in the IT sense means that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on endpoint security.
Endpoint security is a fancy term used to describe how the computers on the network are protected. This used to be done by antivirus, but because of the complexity of the attacks hackers now use to compromise networks, the definition has expanded greatly. It now includes things like Enhanced Detection & Response software, Security Operations Centers, DNS filtering, employee training and more. Here are some questions that you should be asking yourself:
- Are your endpoints protected by antivirus or enhanced detection & response?
- Is website traffic being monitored? Restricted?
- Are your employees being trained in cyber security?
- Are computer logs being monitored for malicious activity?
- Would unusual or suspicious activity on a computer be noticed? Alerted on?
- Do you have security permissions set on all file shares?
- Do you have least-privilege access configured on those shares?
- Do you keep track of what software is installed on all workstations?
- Do you block access to unauthorized software?
- Are files encrypted on servers and workstations?
- Are your mobile devices managed? Can you wipe them remotely?
- Are USB ports blocking removable storage devices?
- Are endpoints set to automatically log out?
If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.