Endpoint users must be trained and retrained to avoid installing freeware or pirated software and to detect any unusual activity
This is an exclusive interview conducted by the Editor Team of CIO News with Lalit Wadhwani, Chief Information Officer (CIO) at Mumbai Newsbox, on Endpoint Security.
Endpoints are notebooks, desktops, and mobile phones. Some are on the premises of the company, whereas some are outside of the perimeter of the company, maybe at home or any other location.
So, while “on-premise” devices are relatively easier to secure, the challenge multiplies when they are outside the company’s control.
There are two major security threats: one is from external hackers or professional hackers placed in some remote part of the world; the other is insider threats.
Data intrusion is done for a variety of reasons, including ransomware, selling proprietary data to competitors or other hackers, defaming the company, or even destroying the company.
Protecting endpoints has a lot of challenges and the obvious solutions that everyone must take are:
- Do not allow data leakage through USB ports, so disable the USB ports at the BIOS level and password-protect the motherboard settings.
- If the endpoint is a notebook computer or a desktop computer used at home, then use of the IP address of the home Wi-Fi has to be mapped.
- Endpoint users must be trained and retrained to avoid installing freeware or pirated software and to detect any unusual activity.
- No sharing of user IDs or passwords with any other person, including other trusted office colleagues, and to inform the CIO in case any such request was even asked for by any employee whatsoever.
- Audit policies have to be in place.
- Firewalls need to be installed on all devices.
- Antivirus on all devices.
- Security should start at the OS level and no personal site visits may be allowed.
- Data leakage prevention (DLP) software has to be installed.
- Deploying an endpoint protection platform that consists of monitoring all malware activity with an audit trail and reporting such malicious activity in real time.
Many such policies can be implemented depending on the kind of data and its importance, compliance, etc.
Having said that, there are still challenges from the actual user (human element) who has access to the passwords and can hack into some other user or senior’s account.
The solution to this is a honeypot.
A honeypot is a less secure domain which is easy to get hacked or intruded upon with weak or easy passwords, and it contains fake but real-looking data. And this data is carefully designed to track it and the source of the hack or intrusion.
When used correctly, the data can identify the intruder’s purpose and intentions, including the location IP address, which can be traced by the IT team of cybercrime police.
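As an added illustration (not part of the interview), the sketch below shows one way fake records can be "designed to track" an intrusion: each decoy location gets a record with a unique keyed marker hidden in its e-mail address, and a monitor maps any later use of that marker back to the decoy and the source IP. The key, decoy names, log format and addresses are all constructed assumptions.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-key"  # assumption: stored off the honeypot host
DECOYS = ["hr-share-01", "finance-db-02"]  # hypothetical decoy locations

def make_token(decoy_id):
    """Unique, unguessable marker for one decoy location."""
    return hmac.new(SECRET, decoy_id.encode(), hashlib.sha256).hexdigest()[:16]

def make_decoy_record(decoy_id, name):
    """Fake but real-looking contact row; the marker hides in the e-mail."""
    first = name.split()[0].lower()
    return {"name": name, "email": f"{first}.{make_token(decoy_id)}@example.com"}

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<rest>.*)$")
TOKEN_RE = re.compile(r"\b[0-9a-f]{16}\b")

def find_hits(log_lines, decoy_ids=DECOYS):
    """Return (timestamp, source IP, decoy) for each log line using a marker."""
    known = {make_token(d): d for d in decoy_ids}
    hits = []
    for line in log_lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than crash the monitor
        for tok in TOKEN_RE.findall(m["rest"]):
            if tok in known:
                hits.append((m["ts"], m["src"], known[tok]))
    return hits

def sample_log():
    """Constructed mail-gateway lines (documentation IP ranges)."""
    bait = make_decoy_record("finance-db-02", "Asha Rao")["email"]
    return [
        "2024-05-01T09:58:02Z 198.51.100.7 RCPT to=staff@example.com",
        f"2024-05-01T10:02:11Z 203.0.113.45 RCPT to={bait}",
        "garbled line",
    ]

if __name__ == "__main__":
    for ts, src, decoy in find_hits(sample_log()):
        print(f"{ts} marker from decoy {decoy} used by {src}")
```

Because the marker is derived per decoy, a hit identifies which fake data set was taken as well as where it was used from.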