
What is endpoint security?

Endpoint security is the practice of identifying and protecting every device that accesses your network, because any device is a potential attack vector. This is a departure from the traditional view of endpoint security where it meant putting every computer and server behind a perimeter like a firewall and managing that protected domain. Your perimeter now extends to and includes every endpoint that accesses your network and data, no matter where it is located.

The importance of endpoint security

Ransomware and related cybercrimes have become a ‘cyber-pandemic’ with no signs of slowing down anytime soon. The vast majority of these attacks gain entry into your organization through your endpoints. As a result, securing your endpoints is mission-critical for ensuring the continuity of your business operations and a key part of your approach to zero trust security.

What is an endpoint?

An endpoint is any device that accesses your network. And it’s no longer just desktop computers and servers. You now have employees working remotely and accessing critical information 24x7 – hopefully encrypted – via laptops, iPads, iPhones, smartwatches, you name it, from wherever and however they wish to work. And it’s also not limited to user devices. Endpoints also include printers, fax machines, point-of-sale systems, and an exponentially growing list of Internet of Things (IoT) devices, all accessing your network.

How important are end-users to endpoint security?

You can make your IT and endpoint environment as secure and robust as possible, but if a user opens an email and clicks on an attachment that they shouldn’t have opened and clicked, it creates an opportunity for cybercriminals to exploit your organization.

A crucial but partial solution is to make sure your organization offers security and compliance training to employees on a regular basis. Another action that your IT team can take is to immediately send out alerts anytime a suspicious email arises with instructions for properly deleting it or categorizing it as junk. It’s important to provide robust user education and awareness in addition to all the other preventative measures you employ.

Best practices for endpoint security

While all your key stakeholders are now well aware of cybersecurity risks, the good news is that a well-thought-out approach to protecting your endpoints isn't rocket science. A lot of it is just basic IT hygiene. The key is to keep ahead of it by automating as much as possible. Here are some basic best practices for endpoint security.

1. Discover, inventory and track all devices that access your network

You need to know about, and be able to track and monitor, every device that connects to your network regardless of platform, operating system or location. This includes corporate-owned computers, printers and IoT devices as well as laptops, tablets and phones that your employees use as part of your bring-your-own-device (BYOD) program.

You not only need to make sure that unauthorized people aren't accessing any of these devices, but also discover what is accessing your network that isn't supposed to be, who has more access rights than they need and which devices have become infected. This level of visibility and control is crucial to ensuring the security of your endpoints, even if you don’t have a unified endpoint management system in place and are forced to work with multiple, diverse management systems.

2. Deploy and maintain the latest operating systems, security software and patches

Once you have visibility into every device accessing your network, you can identify the endpoints whose operating systems, applications and security software need updates and patches, as well as the endpoints that still need security software installed.

Ensuring that all devices have the latest security software installed will help to block and remove malware on your endpoints. In addition to the protections offered by the security software, vendors of the operating systems and applications your organization counts on invest significantly in fixing vulnerabilities in their software, but those updates and patches are only effective if your endpoints are consistently and repeatedly kept up-to-date.

3. Restrict user privileges

As part of your approach to zero trust security, unauthorized users must be prevented from accessing sensitive data and from having the ability to propagate malware that could infect it. Administrators need to track which systems users access from their endpoints and whether each user’s access rights are appropriate for their role. Users should have the minimal access to corporate systems and data that they need to do their jobs. By default, users should have least-privilege access to the systems they need, and only specific users should have administrator credentials.

4. Lock down USB ports

USB ports in unattended workstations and even devices like printers, cameras and external drives could be exploited to steal corporate data or introduce malware into the network. To prevent malware, avoid data theft and uphold your zero trust security practices, administrators should utilize a least-privilege approach to granularly regulate who has access to which USB ports and where.

5. Find and remediate vulnerabilities

You need to discover software versions, settings or device configurations that create potential vulnerabilities in your system. Conduct regular IT security audits by performing Open Vulnerability Assessment Language (OVAL) scanning on all Windows, Mac and Linux systems. This will allow you to find and remediate vulnerabilities in your environment and systems that don’t comply with your security and configuration policies.
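As an added example (not from the original page or from any vendor's tooling), the Python below triages an OVAL results file into follow-up actions, using the OVAL convention that a `true` result means "affected" for `vulnerability` and `patch` definitions but "compliant" for `compliance` definitions. The sample document, its IDs and titles, and the function name `findings` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"res": "http://oval.mitre.org/XMLSchema/oval-results-5",
      "def": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}

# Constructed sample results document: IDs and titles are made up.
SAMPLE = """<oval_results xmlns="http://oval.mitre.org/XMLSchema/oval-results-5">
 <oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5">
  <definitions>
   <definition id="oval:example:def:1" class="vulnerability" version="1">
    <metadata><title>Outdated TLS library</title></metadata></definition>
   <definition id="oval:example:def:2" class="patch" version="1">
    <metadata><title>Browser security update</title></metadata></definition>
   <definition id="oval:example:def:3" class="compliance" version="1">
    <metadata><title>Disk encryption enabled</title></metadata></definition>
   <definition id="oval:example:def:4" class="compliance" version="1">
    <metadata><title>Screen lock configured</title></metadata></definition>
  </definitions>
 </oval_definitions>
 <results><system><definitions>
  <definition definition_id="oval:example:def:1" result="true" version="1"/>
  <definition definition_id="oval:example:def:2" result="false" version="1"/>
  <definition definition_id="oval:example:def:3" result="false" version="1"/>
  <definition definition_id="oval:example:def:4" result="error" version="1"/>
 </definitions></system></results>
</oval_results>"""

def findings(xml_text):
    """Return sorted (action, class, definition_id, title) tuples needing follow-up."""
    # Parse only results from your own scanner; use a hardened parser for untrusted XML.
    root = ET.fromstring(xml_text)
    meta = {d.get("id"): (d.get("class"), d.findtext("def:metadata/def:title", "", NS))
            for d in root.iterfind(".//def:definitions/def:definition", NS)}
    out = []
    for r in root.iterfind(".//res:system/res:definitions/res:definition", NS):
        cls, title = meta.get(r.get("definition_id"), ("unknown", ""))
        result = r.get("result")
        if cls in ("vulnerability", "patch") and result == "true":
            action = "remediate"   # flaw present / patch missing
        elif cls == "compliance" and result == "false":
            action = "remediate"   # policy requirement not met
        elif result in ("error", "unknown"):
            action = "rescan"      # no verdict: do not treat as a pass
        else:
            continue
        out.append((action, cls, r.get("definition_id"), title))
    return sorted(out)

if __name__ == "__main__":
    for row in findings(SAMPLE):
        print(*row, sep="\t")
```

Treating `error` and `unknown` as their own bucket keeps a failed check from being counted as a clean endpoint.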

6. Quickly remediate missing or infected devices

Continuously track and monitor your traditional and mobile devices. If a mobile device goes missing, remotely lock, erase or factory reset the device, or reset its password, to prevent company data from being accessed, corrupted or stolen. And if you suspect that an endpoint has been infected by malware, immediately reimage the device from a gold master image.

Where can I get help with managing and securing endpoints?

Quest® offers extensive solutions for protecting and managing your endpoints. We can help you discover, manage and secure your on-premises and remote workforce. Here’s where you can learn more:

 


Get started now

Successfully secure your endpoints with KACE Unified Endpoint Management solutions.