This is default featured slide 1 title
This is default featured slide 2 title
This is default featured slide 3 title
This is default featured slide 4 title
This is default featured slide 5 title
 

Protection Techniques for Endpoint Security

Endpoint security is a necessity and its purpose is to protect devices (endpoints) on a network. However, the increase in sophisticated cyber attacks calls for more advanced tools and techniques for better endpoint security protection.

A typically robust Endpoint Security Platform would contain the following features:

  • Containment with auto-sandboxing
  • Web URL Filtering
  • Firewall
  • Antivirus
  • Cloud-based File Lookup Services
  • Host Intrusion Protection System (HIPS)
  • Process Behavior Analysis

While numerous tools and techniques are available, endpoint security can be further enhanced with:

  • Network Access Control (NAC)
  • Data Loss Prevention (DLP)
  • Data Destruction

Data is stored on endpoints and users connect to the enterprise network in many ways. Hence, the network must be protected from possibly vulnerable devices (endpoints) or devices that are already infected and compromised. And there are many different types of devices that require different types of security.

Network Access Control (NAC)

Considering users, devices and BYOD, NAC is an important technology for admission control. Security policies are defined that ensure that an endpoint meets defined compliance levels before they are allowed to connect to the enterprise network. Non-compliant devices are blocked. This feature ensures that the endpoints are safe from malware, and if infected they are not allowed to connect to the network that may compromise other devices. The Lightweight Directory Access Protocol (LDAP), RSA and Active Directory are utilized by NAC to coordinate the working of the firewalls and devices – routers and switches. This defines who is allowed network access and who is not. Better security is ensured. NAC can also be integrated with mobile device management (MDM) technologies to check mobile device security.

Data Loss Prevention (DLP)

DLP tools can be integrated into endpoint protection suites or can be used as a separate cloud-based tool. These tools protect the data on devices from unauthorized malicious users trying to access or steal the data. It helps prevent sensitive data from being transferred out of the network. Automatic disabling of devices can be triggered when suspicious data transfer activities occur. DLP tools can be incorporated into mobile device management solutions for ensuring better security of mobile devices.

Data Destruction

Inevitably data has to be stored on endpoints (including mobile devices). Typically encryption should be implemented in all devices though it may not be possible for all devices. However, when devices get lost, stolen or are reassigned to another user or project, then the data on the device has to be destroyed – completely deleted.

When data on hard disk drives and flash drives are deleted through normal commands, the data actually does not get deleted. This data can be recovered with easily available software tools. If sensitive enterprise data falls into the wrong hands then it can have severe implications. Hence, the hard disk drives and flash drives must be correctly sanitized using data deletion tools to completely destroy the data. The Data Destruction tool can be included as part of the MDM to ensure enhanced endpoint security.