Protecting your endpoints does not have to be a huge headache for your organisation, no matter how small or large you are. To protect modern day environments, you need to do more than just add an antivirus product to your endpoint.
A good place to start planning your security posture, especially if your organisation is a smaller business, is to take a look at the Cyber Essentials website, www.cyberessentials.ncsc.gov.uk, which is a website hosted by the UK Government to help organisations with several steps to assist with securing your IT and protecting your data.
Cyber Essentials offers a self-help or certified approach to security which covers five technical controls.
- Secure your Internet connection
- Secure your devices and software
- Control access to your data and services
- Protect from viruses and other malware
- Keep your devices and software up to date
Most of the measures above can be addressed by using a next-generation endpoint security product that offers more than a traditional antivirus solution.
If you take a deeper look into the five points above and map them to technologies required to help safeguard each area, then you can quickly see that securing the endpoint will help you gain a more secure environment.
Secure your Internet connection
The easiest way to protect your internet connection is by using the correct setting with your router provided by your ISP, along with securing your connection with a firewall. This firewall can be a gateway device or an endpoint firewall; both types will require configuration to offer the maximum protection.
Secure your devices and software
Most modern day operating systems have security controls built in that allow users to add usernames and passwords to enable you to access the device; however, you should consider using two-factor authentication for a more robust and secure approach to accessing your devices and applications.
It is also worth considering Full Disk Encryption for your mobile devices, such as laptops; this gives you added protection of your data should the device be lost or stolen.
Control access to your data and services
By controlling who has access to what and when will allow you to secure your data much more effectively, along with Full Disk Encryption as previously mentioned. There are several ways you can control access to applications and data, including administration accounts within your infrastructure.
Also, by using Device Control you can control what devices can connect to an endpoint (for example, memory sticks, CD drives and USB hard drives), and effectively manage data loss.
Protect from viruses and other malware
Nowadays, protection from malware and viruses takes a much more multi-technology approach to get the best protection. You should consider the features below when making your choice of Endpoint Security product.
- Centralised Management Console
- Anti-Malware protection
- Sandboxing
- Whitelisting
- EDR (Endpoint Detection and Response)
Often these features are add-ons to the basic package but are well worth considering when making your choices.
Keep your devices and software up to date
One of the most important parts of IT security is maintaining patches of both operating systems and applications. Vendors of applications and OS will often publish a description of the vulnerability that a security patch fixes; this inadvertently allows potential hackers a method to exploit your system, however, it would be a good practice to manage how you patch your devices, such as by doing a test patch before rolling it out to your complete environment.
At Kite Distribution, we offer a range of security technologies that can help your customer become more secure and meet the requirements of Cyber Essentials.
Bitdefender offer an array of product suites that address most of the security measures mentioned above and will go a long way towards ensuring that your organisation is compliant with Cyber Essentials and Cyber Essentials Plus.
