Endpoints make up much, if not most, of a company’s network and IT infrastructure.
An endpoint is a remote computing device that communicates back and forth with a network to which it is connected. Examples of endpoints include:
Endpoints can all become points of entry for cybercriminals. They’re where attackers attempt to execute code and exploit vulnerabilities, and where the critical information they want to encrypt, steal, or leverage is found. With workforces becoming more mobile and users connecting to endpoints from all over the world, endpoints are increasingly susceptible to cyberattacks. An attacker can then:
- Use an endpoint as an entry and exit point to access high-value assets on your network.
- Access information to steal or hold hostage, either for ransom or purely for disruption.
- Take control of the device and use it in a botnet to execute a DoS attack.
64% of organizations have experienced one or more compromising endpoint attacks. In this guide, we’ll provide you with straightforward solutions focused on the protection of endpoint devices.
Confront Password Vulnerabilities
Passwords are one of the biggest vulnerabilities when it comes to endpoints. The news regularly reports large data breaches related to leaked passwords. Take, for example, the RockYou2021 breach, which exposed the largest number of passwords ever – 3.2 billion.
Poor password security and breaches make credential theft one of the biggest dangers to cybersecurity.
Address password vulnerabilities in your endpoints by:
- Training employees on proper password creation and handling
- Looking for passwordless solutions, like biometrics
- Installing multi-factor authentication (MFA) on all accounts
Protect System Startup with TPM and UEFI
USB drives (also known as flash drives) are a popular giveaway item at trade shows. But an innocent-looking USB can actually cause a breach. One trick that hackers use to gain access to a computer is to boot it from a USB device containing malicious code.
Take that USB stick from the trade show, for example. The user typically plugs it in and leaves it plugged in. When the computer restarts the next time, the computer will load software from that USB stick thinking it’s installation media.
There are certain precautions you can take to prevent this from happening. One of these is ensuring you’re using firmware protection that covers two areas: Trusted Platform Module (TPM) and Unified Extensible Firmware Interface (UEFI) Security.
TPM is resistant to physical tampering and tampering via malware. It looks at whether the boot process is occurring properly. It also monitors for the presence of anomalous behavior. Additionally, seek devices and security solutions that allow you to disable USB boots.
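As an added example (not part of the original guide), the following Python check reports whether a Linux endpoint has UEFI Secure Boot enabled and a TPM present by reading the kernel's sysfs files. The requirement for TPM 2.0 is an assumed policy choice, and the `sysfs_root` parameter is a convenience of this example so the check can be pointed at a copy of the tree.

```python
from pathlib import Path

# Standard UEFI global-variable GUID; SecureBoot is exposed under it by efivarfs.
SECUREBOOT_VAR = "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"

def secure_boot_state(sysfs_root="/sys"):
    """Return 'enabled', 'disabled', 'legacy-bios' or 'unknown'."""
    efi = Path(sysfs_root) / "firmware" / "efi"
    if not efi.is_dir():
        return "legacy-bios"        # booted without UEFI, so no Secure Boot
    try:
        raw = (efi / "efivars" / SECUREBOOT_VAR).read_bytes()
    except OSError:
        return "unknown"            # variable missing or unreadable
    if len(raw) < 5:
        return "unknown"
    # efivarfs layout: 4 bytes of attributes, then the value (1 = enabled).
    return "enabled" if raw[4] == 1 else "disabled"

def tpm_version(sysfs_root="/sys"):
    """Return the TPM major version as a string, or None if no TPM is exposed."""
    ver = Path(sysfs_root) / "class" / "tpm" / "tpm0" / "tpm_version_major"
    try:
        return ver.read_text().strip()
    except OSError:
        return None

def firmware_findings(sysfs_root="/sys"):
    """List the gaps against the assumed policy: Secure Boot on, TPM 2.0."""
    findings = []
    state = secure_boot_state(sysfs_root)
    if state != "enabled":
        findings.append(f"secure boot: {state}")
    tpm = tpm_version(sysfs_root)
    if tpm != "2":
        findings.append(f"tpm: {tpm or 'not present'}")
    return findings

if __name__ == "__main__":
    print(firmware_findings() or "Secure Boot enabled and TPM 2.0 present")
```

An empty findings list means the endpoint meets the assumed baseline; whether USB boot is disabled is a firmware setup option that this check does not read.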
Regularly Update Endpoint Firmware
You should regularly update your endpoint security solutions. It’s best to automate software updates if possible so they aren’t left to chance.
Firmware updates are often forgotten about. One reason is that they don’t usually pop up the same types of warnings as software updates. But they are just as important for ensuring your devices remain secure and protected.
We go through and use the manufacturer’s update processes to automate and keep endpoints up to date at all times. It’s not always easy or straightforward, but that’s why we have jobs.
Use Modern Authentication Methods
How are you authenticating users to access your network, business apps, and data? If you are using only a username and password, then your company is at very high risk of a breach.
Use two modern methods for authentication:
- Contextual authentication
- Zero Trust approach
Contextual authentication takes MFA a step further. It looks at context-based cues for authentication and security policies, such as what time of day someone is logging in, their geographic location, and the device they are using. Microsoft calls this Conditional Access and we include licensing in all our Managed Services offerings.
Zero Trust is an approach that continuously monitors your network. It ensures every entity in a network belongs there. Safelisting of devices is an example of this approach. You approve all devices for access to your network and block all others by default.
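The two methods above can be combined in one sign-in decision. The sketch below is an added example, not code from the original guide or from any Microsoft product: the device IDs, countries, working hours, the `fresh_mfa` field and the escalation rule (one unusual cue requires fresh MFA, two block the sign-in) are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime

# Constructed policy values; assumptions for this example only.
APPROVED_DEVICES = {"LAPTOP-0012", "PHONE-0456"}  # safelist, default deny
USUAL_COUNTRIES = {"US", "CA"}
WORK_HOURS = range(7, 20)  # 07:00 to 19:59 in the user's local time

@dataclass
class SignIn:
    user: str
    device_id: str
    country: str
    local_time: datetime
    fresh_mfa: bool  # MFA completed during this sign-in, not remembered

def decide(s):
    """Return (decision, reasons); decision is allow, require_mfa or block."""
    # Safelisting: a device that was never approved is blocked outright.
    if s.device_id not in APPROVED_DEVICES:
        return "block", ["device not on safelist"]
    reasons = []
    if s.country not in USUAL_COUNTRIES:
        reasons.append("unusual location")
    if s.local_time.hour not in WORK_HOURS:
        reasons.append("outside usual hours")
    if len(reasons) >= 2:
        return "block", reasons          # too many unusual cues at once
    if reasons and not s.fresh_mfa:
        return "require_mfa", reasons    # one unusual cue: step up to MFA
    return "allow", reasons

# Constructed sign-in events.
SAMPLE = [
    SignIn("ana", "LAPTOP-0012", "US", datetime(2024, 3, 4, 9, 15), False),
    SignIn("ana", "LAPTOP-0012", "US", datetime(2024, 3, 4, 23, 40), False),
    SignIn("ana", "LAPTOP-0012", "US", datetime(2024, 3, 4, 23, 42), True),
    SignIn("ben", "PHONE-0456", "BR", datetime(2024, 3, 5, 3, 5), True),
    SignIn("ben", "TABLET-9999", "US", datetime(2024, 3, 5, 10, 0), True),
]

if __name__ == "__main__":
    for s in SAMPLE:
        decision, why = decide(s)
        print(f"{s.user:4} {s.device_id:12} {decision:12} {', '.join(why) or 'normal context'}")
```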
Apply Security Policies Throughout the Device Lifecycle
From the time a device is first purchased to the time it retires, you need to have security protocols in place. Tools like Microsoft AutoPilot and Intune allow companies to automate this and deploy healthy security practices across each lifecycle phase. This ensures a company doesn’t miss any critical steps.
Device lifecycle security starts when a device is first issued to a user. This is when you should remove unnecessary privileges. When a device moves from one user to another, it needs to be properly cleaned of old data and reconfigured for the new user. When you retire a device, it should be properly scrubbed. This means deleting all information and disconnecting it from any accounts.
Prepare for Device Loss or Theft
Unfortunately, mobile devices and laptops get lost or stolen. When that happens, you should have a sequence of events that can take place immediately. This helps prevent exposure of company data and business accounts.
Prepare in advance for potential device loss through backup solutions. Also, you should use endpoint security that allows remote lock and wipe for devices.
Reduce Your Endpoint Risk Today!
Get help putting robust endpoint security in place, step by step. We can help! Contact us today for a free consultation.