Thursday, June 30, 2022

Slide
Home Cyber Security What strategy can technology leaders implement to protect the endpoints from being...

What strategy can technology leaders implement to protect the endpoints from being compromised even after cyber-criminals attack and try to steal company data?

Endpoint users must be trained and retrained to avoid installing freeware or pirated software and to detect any unusual activity

This is an exclusive interview conducted by the Editor Team of CIO News with Lalit Wadhwani, Chief Information Officer (CIO) at Mumbai Newsbox, on Endpoint Security.

Endpoints are notebooks, desktops, and mobile phones. Some are on the premises of the company, whereas some are outside of the perimeter of the company, maybe at home or any other location.

So, while “on-premise” devices are relatively easier to secure, the challenge multiplies when they are outside the company’s control.

There are two major security threats: one is from external hackers or professional hackers placed in some remote part of the world; the other is insider threats.

Data intrusion is done for a variety of reasons, including ransom-ware, selling proprietary data to competitors or other hackers, defaming the company, or even destroying the company.

Protecting endpoints has a lot of challenges and the obvious solutions that everyone must take are:

  • Do not allow data leakage through USB ports, so disable the USB ports at the bios level and password protect the motherboard settings.
  • If the endpoint is a notebook computer or a desktop computer used at home, then use of the IP address of the home Wi-Fi has to be mapped.
  • Endpoint users must be trained and retrained to avoid installing freeware or pirated software and to detect any unusual activity.
  • No sharing of user IDs or passwords with any other person, including other trusted office colleagues, and to inform the CIO in case any such request was even asked for by any employee whatsoever.
  • Audit policies have to be in place.
  • Firewalls need to be installed on all devices.
  • Antivirus on all devices.
  • Security should start at the OS level and no personal site visits may be allowed.
  • Data leakage prevention (DLP) software has to be installed.
  • Deploying an endpoint protection platform that consists of monitoring all malware activity with an audit trail and reporting such malicious activity in real time.

Many such policies can be implemented depending on the kind of data and its importance, compliance etc.

Having said that, there are still challenges from the actual user (human element) who has access to the passwords and can hack into some other user or senior’s account.

The solution to this is a honeypot.

A honeypot is a less secure domain which is easy to get hacked or intruded upon with weak or easy passwords, and it contains fake but real-looking data. And this data is carefully designed to track it and the source of the hack or intrusion.

When used correctly, the data can identify the intruder’s purpose and intentions, including the location IP address, which can be traced by the IT team of cybercrime police.

Also readCIO News interviews Shri Wangki Lowang, Minister (IT) of Arunachal Pradesh

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter

About us:

CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -1x1 banner1x1 banner1x1 banner1x1 banner

Most Popular

GBM conducts artificial intelligence event, UAE organisations to increase spending

The artificial intelligence event delved into how organisations can get started on their AI journeys For an exclusive artificial intelligence event, GBM has brought together...

Clean technology: LG to invest $1.5bn

The push in the clean technology sector will help LG make "a shift toward more high-value industries" LG Corp, South Korea's fourth-largest conglomerate, said on...

AI technology firm Nala Robotics to supply Slice Factory with its autonomous chef

Under the terms of the agreement, to help fuel national expansion efforts the AI technology company will custom design and install Pizzaiola at Slice Factory's...

There shouldn’t be a separation between business and technology, says Deepak Garg, Co-Founder and Chief Technology Officer (CTO) at Dista

The real value a technologist can bring is alignment of technology with actual business needs When asked how he planned his career path to be...

Recent Comments