Endpoint security

Endpoint Security: Course Introduction

Organizations today are empowered by digitalization, and technology is extensively leveraged to help users connect to the internet for various purposes.

However, the questions that need to be asked are:

Are businesses that operate online safe from cyber threats and security breaches?

Are applications and operating systems updated with the latest security patches beforehand or on time?

This course on Endpoint Security will help you understand the significance of protecting endpoint devices. 

Endpoint Security: Course Coverage

In this course, you will learn about the following:

The significance of Endpoint Security

The differences between endpoint security, anti-virus, network security, firewall and endpoint protection.


Strategies for effective Endpoint Security

Endpoint Security Testing

What is an Endpoint?

Objectives for targeting endpoints include, but are not limited to:
  • Identifying and exploiting vulnerabilities in the system.

  • Compromising control of the device to execute an attack. For example, executing a DoS attack with the help of botnets.

  • Using the endpoint as an entry point to an organization, to exploit valuable assets and sensitive information.



Cybersecurity To Endpoint Security

Even the most efficient cybersecurity solutions in the industry are prone to vulnerabilities and security loopholes.

Endpoint security solutions aim to protect the endpoints connected to a network from malicious threats.

  • It provides a centralized method to protect the IT network by evaluating an organization's endpoints like desktops, smartphones, laptops, and IoT devices.

Moreover, the current trends in Bring Your Own Device (BYOD) practices, and the ever-increasing threats to mobile devices, further emphasize the need for effective endpoint security solutions.



Security Chain

Security is a chain - it is only as secure as the weakest link. - Bruce Schneier

The concept of trust is getting more attention these days. IDC has estimated security spending to reach $151 billion by 2023, noting a ‘C-level focus on trust’ as a key growth driver. Trust, according to IDC, now encompasses security, risk and compliance, privacy, and the various ways in which enterprises interact via people, technology and other aspects.

As part of the overall trust landscape, enterprises embrace the chain of trust principle that every computing touchpoint individually should contribute to solid security across an enterprise. That principle surfaced again in January when the ‘Chain of Fools’ Microsoft vulnerability (CVE-2020-0601) entered the security landscape. Briefly, the issue was ‘spoofing,’ a failure in the chain of trust to ensure the computer is communicating with the user it thinks it’s communicating with – or installing software that was actually written by a trusted source.

To prevent this type of ‘man-in-the-middle’ attack, or the use of forged certificates, enterprises need to take another look at their entire chain of trust scenario. One of the Chain of Fools attack scenarios involved vulnerable endpoints. ‘Malware could possibly bypass AppLocker and Windows Defender Application Control. However, Windows Defender Antivirus remains unaffected as it doesn’t scan for ECC certificates during certificate verification,’ according to Telelink.

Applying Chain of Trust to Endpoints

The Microsoft vulnerability reinforced the need for enterprises to, among other risk mitigation factors, take another look at endpoint security. Protecting the endpoint at the most effective level takes an end-to-end approach, starting at the processor level. That is really the only way to ensure that vulnerabilities like the ‘Chain of Fools’ event do not find an opening in the enterprise network. A few key practices to consider:
  • Ensure the enterprise architecture can fully provide an end-to-end ‘chain of trust’ from the endpoint processor or UEFI (Unified Extensible Firmware Interface) process to the destination server or cloud platform. Using this framework, IT staff can validate each discrete step of the endpoint boot and workspace execution processes.
  • Fight spoofing and other attacks by checking the cryptographic signature of each component in the chain, only starting it if it is signed by a trusted party. The enterprise’s endpoint management solution and the UEFI Forum are validation sources.
  • Users connecting to a VDI or cloud environment should use access software such as Citrix Workspace App or VMware Horizon to check the certificate of a connected server.
  • Implement signed OS partitions that extend the endpoint chain of trust to the device processor level.
  • Evaluate the enterprise’s hardware-based processor choices to see if they are up to the standard of supporting a complete chain of trust.
  • Minimize the endpoint attack surface by operating the OS in a read-only manner and configured to include only the modules that are necessary to support specific use cases.
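
As an added example (not code from the original article or from any vendor), the verify-before-start rule in the practices above can be sketched in Go with Ed25519 signatures: each stage runs only if its signature checks out against the trusted key, and the walk halts at the first bad link. The stage names, the single signing key and the `Stage`, `SignStage` and `VerifyChain` helpers are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Stage is one signed component of the boot chain (names are constructed).
type Stage struct {
	Name       string
	Image, Sig []byte // Sig covers digest(Name, Image)
}

// digest binds an image to its slot name so a signed image cannot be relabelled.
func digest(name string, image []byte) []byte {
	h := sha256.Sum256(append(append([]byte(name), 0), image...))
	return h[:]
}

// SignStage is the build-time step performed by the trusted party.
func SignStage(priv ed25519.PrivateKey, name string, image []byte) Stage {
	return Stage{name, image, ed25519.Sign(priv, digest(name, image))}
}

// VerifyChain returns the stages allowed to start; it halts at the first bad link.
func VerifyChain(trusted ed25519.PublicKey, order []string, chain []Stage) ([]string, error) {
	var started []string
	for i, want := range order {
		// A stage must be present, sit in its expected slot, and carry a valid signature.
		if i >= len(chain) || chain[i].Name != want ||
			!ed25519.Verify(trusted, digest(want, chain[i].Image), chain[i].Sig) {
			return started, fmt.Errorf("slot %d (%q): missing, misplaced or not signed by the trusted key", i, want)
		}
		started = append(started, want)
	}
	return started, nil
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, 32)) // constructed demo key, never use a fixed seed
	pub := priv.Public().(ed25519.PublicKey)
	order := []string{"bootloader", "kernel", "os-partition"}
	var chain []Stage
	for _, name := range order {
		chain = append(chain, SignStage(priv, name, []byte(name+" image v1")))
	}
	fmt.Println(VerifyChain(pub, order, chain)) // all three stages start
	chain[1].Image = []byte("kernel image, modified after signing")
	fmt.Println(VerifyChain(pub, order, chain)) // only bootloader starts
}
```

On a real endpoint the trusted public key is anchored in firmware or hardware rather than generated next to the images it verifies.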

Remembering the Remote Worker’s Need for Trust

The luxury of a virtualized and cloud environment is that enterprise workers are using many devices at a myriad of locations. Access without clear privilege management and control, or opening links on a personal device and transferring possible malware into the network, are just a few examples of the threat potential that exists. Thus, the endpoint chain of trust has to extend to any endpoint device, and that requires an endpoint management and control system capable of protecting networks from remote, user driven threats.

Next generation OS solutions for cloud workspaces can deliver a user experience that will enable ubiquitous location and device flexibility yet support end-to-end chain of trust security. These solutions should include secure remote management and control of desktops and applications running in the data center or the cloud. Another recommended practice is to move risk-prone Windows to the data center or cloud and untether it from the endpoint.

Earn Trust through Solid Endpoint Security

While Microsoft tends to get intense scrutiny, the reality is cyberattacks – malware, ransomware et al – can come from many sources. IDC estimates 70% of data breaches begin at the endpoint and they can start with something as simple as opening up an email and clicking on the wrong link. Given the fact that human error is here to stay, making it more difficult for spoofing and other threats to successfully enter the network is a sound course of action. That entails applying the chain of trust principle to endpoint security and implementing solutions and technology that can prevent threats even getting to the user experience level – whether remotely working or on site.





