Skip to main content

Endpoint security

Endpoint Security: Course Introduction

Organizations today are empowered with digitalization, and technology has been excessively leveraged to help users connect to the internet for various purposes.

However, the questions that need to be asked are:

Are businesses that are online, safe from cyber threats and security breaches?

Are applications and operating systems updated with the latest security patch fixes beforehand or on time?

This course on Endpoint Security will help you understand the significance of protecting endpoint devices. 

Endpoint Security: Course Coverage

In this course, you will learn about the following:

The significance of Endpoint Security

The differences between endpoint security, anti-virus, network security, firewall and endpoint protection.


Strategies for effective Endpoint Security

Endpoint Security Testing

What is an Endpoint?

Objectives for targeting endpoints include, but are not limited to:
  • Identifying and exploiting vulnerabilities in the system.

  • Compromising control of the device to execute an attack. For example, executing a DoS attack with the help of botnets.

  • Using the endpoint as an entry point to an organization, to exploit valuable assets and sensitive information.



Cybersecurity To Endpoint Security

Even the most efficient cybersecurity solutions in the industry are prone to vulnerabilities and security loopholes.

Endpoint security solutions aim to protect the endpoints connected to a network, from vulnerable malicious threats.

  • It provides a centralized method to protect the IT network by evaluating an organization's endpoints like desktops, smartphones, laptops, and IoT devices.

Moreover, the current trends in Bring Your Own Device (BYOD) practices, and the ever increasing threats to mobile devices, further emphasize the need for effective endpoint security solutions.



Security Chain

Security is a chain - it is only as secure as the weakest link. - Bruce Schneier
The concept of trust is getting more attention these days. IDC has estimated security spending to reach $151 billion by 2023, noting a ‘C-level focus on trust’ as a key growth driver. Trust, according to IDC, now encompasses security, risk and compliance, privacy, and the various ways in which enterprises interact via people, technology and other aspects.
As part of the overall trust landscape, enterprises embrace the chain of trust principle that every computing touchpoint individually should contribute to solid security across an enterprise. That principle surfaced again in January when the ‘Chain of Fools’ Microsoft vulnerability (CVE-2020-0601) entered the security landscape. Briefly, the issue was ‘spoofing,’ a failure in the chain of trust to ensure the computer is communicating with the user it thinks it’s communicating with – or installing software that was actually written by a trusted source.
To prevent this type of ‘man-in-the-middle’ attack, or forged certificates, enterprises need to take another look at their entire chain of trust scenario. One of the Chain of Fools attack scenarios was vulnerable endpoints. ‘Malware could possibly bypass AppLocker and Windows Defender Application Control. However, Windows Defender Antivirus remains unaffected as it doesn’t scan for ECC certificates during certificate verification,’ according to Telelink.
Applying Chain of Trust to Endpoints 
The Microsoft vulnerability reinforced the need for enterprises to, among other risk mitigation factors, take another look at endpoint security. To protect the endpoint at the most effective level, it takes an end-to-end approach, starting at the processor level. That is really the only way to ensure that vulnerabilities like the ‘Chain of Fools’ event does not find an opening in the enterprise network. A few key practices to consider:
  • Ensure the enterprise architecture can fully provide an end-to-end ‘chain of trust’ from the endpoint processor or UEFI (Unified Extensible Firmware Interface) process to the destination server or cloud platform. Using this framework, IT staff can validate each discrete step of the endpoint boot and workspace execution processes.
  • Fight spoofing and other attacks by checking the cryptographic signature of each component in the chain, only starting it if it is signed by a trusted party. The enterprise’s endpoint management solution and the UEFI Forum are validation sources.
  • Users connecting to a VDI or cloud environment should use access software such as Citrix Workspace App or VMware Horizon to check the certificate of a connected server.
  • Implement signed OS partitions that extend the endpoint chain of trust to the device processor level.
  • Evaluate the enterprise’s hardware-based processor choices to see if they are up to the standards to supporting a complete chain of trust.
  • Minimize the endpoint attack surface by operating the OS in a read-only manner and configured to include only the modules that are necessary to support specific use cases.
Remembering the Remote Worker’s Need for Trust 
The luxury of a virtualized and cloud environment is that enterprise workers are using many devices at a myriad of locations. Access without clear privilege management and control, or opening links on a personal device and transferring possible malware into the network, are just a few examples of the threat potential that exists. Thus, the endpoint chain of trust has to extend to any endpoint device, and that requires an endpoint management and control system capable of protecting networks from remote, user driven threats.
Next generation OS solutions for cloud workspaces can deliver a user experience that will enable ubiquitous location and device flexibility yet support end-to-end chain of trust security. These solutions should include secure remote management and control of desktops and applications running in the data center or the cloud. Another recommended practice is to move risk-prone Windows to the data center or cloud and untether it from the endpoint.
Earn Trust through Solid Endpoint Security
 While Microsoft tends to get intense scrutiny, the reality is cyberattacks – malware, ransomware et al – can come from many sources. IDC estimates 70% of data breaches begin at the endpoint and they can start with something as simple as opening up an email and clicking on the wrong link. Given the fact that human error is here to stay, making it more difficult for spoofing and other threats to successfully enter the network is a sound course of action. That entails applying the chain of trust principle to endpoint security and implementing solutions and technology that can prevent threats even getting to the user experience level – whether remotely working or on site.






Comments

Popular posts from this blog

How to take a walk

  How to Take a Walk                                                                                                                                     How to take a walk|Building a Better Today Whatever your workday looks like, odds are you could use an occasional break. Learn how to make the most of a midday stroll. Forget your phone.  Leaving your screen behind will give your eyes a much-needed rest. Though scrolling through social media may seem like a reward for a productive morning, it will ultimately diminish your ability to be present on your walk Take in your surroundings.   Minus your tech and...

Using Technology to Dodge the Shell Company Fraud

  During the Panama Papers episode, it was found that some of the Mossack Fonseca shell corporations were used for illegal purposes, including fraud, tax evasion, and dodging international sanctions.  The incident also highlighted the use of shell companies in facilitating high level financial crime. The scale of the episode was a shock as was the detail and meticulous planning it took to set this off using shell companies. A shell company is an inactive establishment used as a vehicle for probable financial crimes or kept dormant for future use in some other capacity.  This company only exists only on paper and has no brick and mortar presence or employees.  Identifying a shell company has been a constant struggle for the financial institutions and the approach has been evolving over the past years. In addition to using a shell firm, there is also widespread use of mirror trades in financial crime.  A combination of shell companies and mirror trades originating...

Emotional Intelligence

  Emotional intelligence (EI) refers to the ability to perceive, control, and evaluate emotions. Some researchers suggest that Emotional intelligence can be learned and strengthened, while others claim it's an inborn characteristic : The ability to express and control emotions is essential, but so is the ability to understand, interpret, and respond to the emotions of others. Imagine a world in which you could not understand when a friend was feeling sad or when a co-worker was angry.  Psychologists refer to this ability as  Emotional intelligence , and some experts even suggest that it can be more important than IQ in your overall success in life. A number of different assessments have emerged to measure levels of emotional intelligence. Such tests generally fall into one of two types: self-report tests and ability tests. Self-report tests are the most common because they are the easiest to administer and score. On such tests, respondents respon...