Our last article examined the need for endpoint security, and some of the best practices that are involved. In this article, we continue with that theme.
The best practices (continued)
1) Disable any ports that are not in use:
Although this sounds like an obvious task, it is very often overlooked. Many organisations leave their network ports wide open, thus leaving an extremely easy point of entry for the cyber attacker. It is highly advised that your IT security staff check, on a weekly basis, for any open ports that are not being used. If any are discovered, they should be closed off immediately. Of course, if there are any network ports that are open and being used, they must be secured as well, especially at the endpoints. This is critical for wireless devices, especially where Bluetooth is being used.
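As an added example (not part of the original article), the weekly check described above can be scripted on a Linux endpoint by comparing the listening sockets reported by `ss -H -tuln` against a list of approved services. The sample output and the `APPROVED` allowlist below are constructed for illustration and are assumptions, not values from any real host.

```python
import re

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      100        127.0.0.1:25         0.0.0.0:*
tcp   LISTEN 0      50           0.0.0.0:5900       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      64             [::1]:631           [::]:*
"""

# Hypothetical allowlist: the (protocol, port) pairs this endpoint is meant to serve.
APPROVED = {("tcp", 22), ("tcp", 443)}

# Matches IPv4 and IPv6 loopback addresses as printed by ss.
LOOPBACK = re.compile(r"^(127\.|\[?::1\]?$)")

def parse_listeners(ss_output):
    """Yield (proto, address, port) for each listening socket line."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # skip headers, blank lines and other socket types
        # The local address is the fifth column; split on the last colon
        # so that bracketed IPv6 addresses are handled correctly.
        addr, _, port = fields[4].rpartition(":")
        if port.isdigit():
            yield fields[0], addr, int(port)

def audit(ss_output, approved):
    """Return sorted (proto, port, scope) findings for unapproved listeners."""
    findings = set()
    for proto, addr, port in parse_listeners(ss_output):
        if (proto, port) in approved:
            continue
        scope = "loopback-only" if LOOPBACK.match(addr) else "network-reachable"
        findings.add((proto, port, scope))
    return sorted(findings)

if __name__ == "__main__":
    for proto, port, scope in audit(SAMPLE_SS, APPROVED):
        print(f"UNAPPROVED {proto}/{port} ({scope})")
```

Listeners reported as network-reachable are the ones to close or secure first; loopback-only listeners are still worth reviewing against what the endpoint is supposed to run.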
2) Make use of Multi Factor Authentication:
Many cybersecurity experts advocate the use of Two Factor Authentication (2FA), but even this is not proving to provide adequate levels of security. Therefore, it is recommended that more than two layers of authentication be implemented, especially at your endpoints. Perhaps consider implementing at least three to four layers of authentication, one of which should make use of biometric technology. This can guarantee much higher levels of accuracy when confirming the identity of an individual.
3) Implement the Zero Trust Model:
The traditional security models basically state the following:
“The fundamental problem in network security is the broken trust model where cybersecurity pros, by default, trust the users and traffic inside their network, and assume that all those external to the network are untrusted.” (SOURCE: 1).
In other words, you can implicitly trust the objects and daily interactions within your IT infrastructure, but not those outside of it. With the Zero Trust Model, however, there is absolutely no level of trust whatsoever, internal or external. Generally speaking, this can be implemented on your endpoints with these five steps:
- Identify and classify your sensitive information;
- Map the data flows that are coming to it and leaving it;
- Craft and implement your own unique Zero Trust Model to fit these particular data flows;
- Establish an automated rule-based system that will trigger the appropriate alerts and warnings;
- Keep monitoring the Zero Trust Model ecosystem on a daily basis.
4) Make sure that your endpoints are well protected:
This means that you have implemented the right mixture of security technologies, primarily those of firewalls and routers. But the cardinal rule here is this: do not simply use the default settings that have been set up by the vendor and assume that they will provide adequate levels of security. These settings must be set up and established as dictated by the specific security needs of your organisation. Also keep in mind that many network infrastructures remain static in nature unless there is a specific reason to change them. Because of this, make sure that your Virtual Private Network (VPN) stays up to date and secure, especially when it comes to your employees accessing the endpoints through it.
5) Make use of the Office 365 “secure score”:
Many businesses and corporations are now heavily dependent upon the tools and applications that reside within Office 365, and as a result, this has become a prime target for the cyber attacker. Microsoft provides a specialised tool called the “secure score”, which is made available exclusively to the network administrator. With this, all of the Office 365 packages that are being used in your organisation are closely scrutinised, such as the daily activities of your employees, and all of the relevant security settings. Once this task has been accomplished, you get a score (this is remarkably similar to that of receiving a credit score). The higher it is, the more secure your Office 365 environment is; the lower it is, the less secure it is. All of this means that you need to tweak and adjust the settings and configurations of the Office 365 portals to fit the security needs of your organisation.
Conclusions
Overall, this series of articles has examined some of the best practices that you should implement in order to keep your endpoints more secure. It is important to keep in mind that this is not an all-inclusive list, and whatever security practices you have implemented must be checked and updated on a regular basis in order to keep up with the ever-changing cybersecurity landscape.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.
Visit his website at mltechnologies.io