Endpoint Vulnerability Management
Endpoints have been getting a lot of attention as of late. It is a target/path of least resistance from the “bad guys”. You hear about Ransomware, trojans and other propagating malware that can really impact your
firm’s productivity. Of great importance is identification and reduction of vulnerabilities and also a plan of what to do in case of an incident. So how do we go about doing that?
- Staff Training
- Patch Management
- Antivirus Management
- Group Policy
- Incident Response
Let’s talk about each of the points and some suggested ideas. Staff Training. It is important to think about how your staff will understand what we are trying to convey. There are different departments and roles within departments – directors, managers and individual contributors. Some are very computer savvy and others are not. It is important to take that into consideration when delivering the message…how will they understand the message and its importance. Email, webinar session, Group/department presentation/delivery. Reinforce the message.
Patch management. A number of vulnerabilities come from 3rd party applications and operating system vulnerabilities. Flash, security updates. There are many tools that can automate this task to ensure that you identify or mitigate this.
Antivirus Management. It is not just getting an antivirus application and subscription, but also ensuring that the definitions are up to date, that the antivirus application is enabled (or has not been disabled by the user), and that new endpoints are being protected.
Group Policy. This can be very effective in segmenting your network and denying access to areas for departments or personnel. In essence, fencing off the amount of access that different groups have and minimizing the impact of an incident, should one occur.
Incident Response Plan. What do you do? In what order? What are the steps? Who do we notify? How do we notify them? It is much easier to put this plan and these steps together while not under the pressure of an incident. That pressure can cause you to make mistakes and ultimately cost the business.
There isn’t a “silver bullet”. We are still firm believers that hardware and software don’t solve problems, process solves problems. There are tools and applications that can really help. Consider your environment. What operating systems – Mac, Windows, Linux, Android? Central or distributed endpoints? We have a number of thoughts and ideas on how to effectively help you with endpoint vulnerability. Call our engineers…they love to share their knowledge.