Whether you work with a small or a large company, making sure a quality endpoint protection system is put in place definitely comes first on your to-do list. After all, if data security is not taken seriously, you can’t expect potential clients to take the company seriously. Plus, it will completely tarnish the reputation of the brand, since the general audience will have a hard time placing their trust in it.
Even if you think everything is in order, it’s important to keep in mind that IT security trends tend to shift quite often. This is why it’s vital to ensure your endpoint protection policies will be able to face whatever challenges 2016 will throw at it.
Here are some useful pointers we believe you need to keep in mind if you want to make sure everything is ready for the New Year. Some of them might seem common knowledge to you, but keep in mind that even the most common advice often gets ignored, so mentioning it is vital.
1. Make sure automatic updates are enabled for your endpoint protection system as much as possible
We’re going to start with the most common piece of advice you might hear, but it’s one of the most important as well. This is because it is timeless. It was valid so far and it will continue to be so in the future. You would actually be surprised how many people who are responsible for IT security overlook this aspect and keep on postponing it, thinking that it won’t be a big issue.
However, not keeping your endpoints up-to-date will riddle the system with vulnerabilities that can easily be exploited. We advise you just enable automatic updates where possible to streamline the whole process. However, if you think you can afford to put in the time, taking a look at what all the updates are about won’t do any harm, especially since Microsoft is doing contra productive things like downloading GBs of unwanted Windows 10 with automatic updates.
2. Don’t overlook the threat partner extranets can pose
While partner portals are pretty necessary at times, especially for large companies, it is important to ensure they don’t become too much of a security risk. If left unchecked, they can easily be exploited to create critical data leaks. This means it is vital to make sure the partner extranets don’t have direct access to the internal resources of the company.
This might mean you’ll have to put in more work into IT security, but it will be worth it in the long run. Just to be on the safe side, create a DMZ subnetwork for each partner extranet. This way, the resources they need access to can be placed in the DMZ, while access to the rest of the vital company data can be denied to partner networks.
3. Secure wireless access will need to be taken into account
If wireless access is not secured your endpoint protection system will have to deal with all sorts of rogue wireless access points set up by people, including employees, who want to get access to the wireless channels.
Employees doing something like this might not seem like a very big deal, but with today’s technology, all it takes is a single mistake on their behalf and your entire network will be at risk. Plus, scanning the network every day to eliminate rogue access points can get too time-consuming.
This is why we recommend you take the time to position an access point right outside the perimeter of the firewall and give users the option to VPN through it. This will increase overall security and save everyone a lot of time.
4. Make sure you securely move old data
You probably already know that keeping old data on servers is not a good idea. It’s just additional clutter and increases the maintenance needs. Plus, if a hacker somehow gains access to the devices that are used to store said data, they could be used against the company.
Still, you can’t just simply move them to an offline storing device. Before doing that, we highly recommend you take the time to encrypt them all. If it is generally accepted that there is no more need for the data in question, it can just be securely deleted for good.
5. Putting virtual perimeters will boost the overall security aspect
While it’s important to teach the employees about security protocols, it is, in the end, completely irresponsible to only rely on their common sense and knowledge. After all, we are all humans and we tend to make errors. Sometimes, those errors can be pretty costly.
It is a good idea to survey the entire network and see how it is used. Afterwards, you can take the time to create secure virtual parameters around certain business units that are deemed to be extremely important.
By providing enhanced security between the various business user groups there are present on the network, you will be effectively ensuring that no unauthorized user will accidentally gain access to sensitive data.
6. Give employees security-related pointers for dealing with mobile devices
Nowadays, it is more and more common to see companies, both large and small, that allow employees to bring their own handheld devices to work in order to boost efficiency. BYOD is definitely a great idea, but it does come with certain security risks.
In order to ensure nothing bad happens, there are certain things you need to make sure the employees understand:
- Setup a strong password to lock the device or use the Touch ID with the latest iOS devices to make sure no malicious person accesses data in case of device loss or theft.
- The browser AutoFill option needs to be disabled – This way, if an employee’s device is stolen or somebody else uses it, they won’t have to worry about their work credentials being used to access all sorts of websites.
- Device apps must not have access to private data – Yes, this includes photos, messages and everything else that could be considered private data. This ensures that there will be no chance of those apps gaining access to sensitive company data that might be present within those files.
- Device owners will need to be familiar with VPN procedures – This will ensure there will be no miscommunication and errors. VPN is a must, since it encrypts both incoming and outgoing traffic, so getting employees accustomed with it is necessary.
Need more than just advice?
Yes, these tips will definitely help you handle IT security in the following year, but if you are not yet sure what kind of endpoint protection system you want to use, then they won’t be of much use to you at first.
While there are many choices on the market, we recommend you take a look at our very own Endpoint Protector to see if it would meet all of your needs.
Image courtesy of pcmag.com
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.