Professional Documents
Culture Documents
According to a 2020 report released by the Ponemon Institute, around 68%
of companies suffered more than one endpoint attack in the last 12 months
alone.
Endpoint devices provide a backdoor entry to unauthorized access by
external actors. Thus, the system is of paramount importance for
organizations that want to safeguard their networks from potential security
breaches. Here are the top best practices that companies need to employ
while deploying endpoint security.
Endpoint Security Best Practices
One of the best practices could be to encrypt the endpoint’s disk or
memory. This ensures that the device data remains unreadable or
inaccessible when it is transferred to another device or is safe even if the
device is stolen or lost.
3. Enforce least privilege access
Limiting access and device privileges is a good practice to ensure the
security of the endpoints. Admin privileges should not be assigned to
regular users. Such a least privilege access policy can prevent
unauthorized users from loading executable code onto the endpoints.
Thus, it is more appropriate to limit VPN usage, thereby allowing VPN
access only at the application layer. This can narrow down the network-
level security risk considerably.
Besides, implementing multi-factor authentication (MFA) can prevent
account theft from different sources. Also, introducing a secondary layer
of verification, when the system identifies a log-in from unrecognized or
unknown locations, can enhance overall security.
Enterprises should emphasize and focus on making end-users aware
of their responsibilities and remind them of the rules pertaining to
device loss or theft. A weak or faulty BYOD policy can cost companies
billions of dollars as users can hack into the organization’s network using
their own devices.
A similar case was observed in 2017 when a data breach of South Korea’s
largest bitcoin exchange occurred. An unclear BYOD policy led to this
incident, where $30 million (in cryptocurrency) was stolen in just a few
hours and compromised the data of around 32,000 users.
Additionally, companies need to remember that the cloud acts as another
endpoint that is easily accessible to external entities. Hence, providing
distinct credentials for each user is essential. Also, using TLS (HTTPS) to
transport data should be standard practice.
Companies can use application control programs that limit app executions
based on factors such as hash, path, or publisher. They can maintain a list
of programs, files, and app executions that are permissible. Besides, while
an application is granted access, ensure that you also implement rules that
block communication to other irrelevant network segments.
10. Practice network segmentation
The overall performance of an endpoint security solution can be
doubled if you split your network into sub-networks.
This can be started by setting up a privileged area and establishing a
well-defined system with a privilege hierarchy. You also need to be
mindful of interpersonal, interdepartmental dependencies, and
organizational factors while segmenting the network. This will ensure that
regular business processes are not affected. Also, managing and updating
privileged resources should be done regularly.
The U.S. Department of Homeland Security regards network segmentation
as a standard security practice that plays a pivotal role in any
organization’s network security.