Each device connected to your network is known as an endpoint. This includes computers, smartphones, tablets, printers and IoT devices. There used to be a time when companies estimated the number of endpoints simply by computer and workstations. But with the rise of mobile devices and smart technology, traditional PCs only make up a minority of the endpoints in most organisations.
Today, mobile devices make up about more than 50% of endpoints in Australia, and are handeling a significant portion of workload. As companies settle into an environment where work is now often being done remotely from eployee homes, endpoint security becomes vital.
A survery performed by Hewlett-Packard (HP) found that 91% of IT professionals feel that Workstation security is as important as Network Security. Risks are increasing, with 54% stating they have seen a higher number of phihsing attacks within the last 12 months. Nearly half also said they have witnessed internet-connected printers being used as attack entry points.
While all companies have endpoints of some type, some of the industries that need to be particularly aware of endpoint attack risks are:
Many of the mission critical machines within these industries are also connected to the internet to get real-time data which makes them prone to internet-based attack.
So, now that we have established that how important these internet based machines are, it begs the question how would You are or a busy Business Owner in Australia know that whether the internet facing machines are well-protected or not?
What I have done below is, outlined 6 Essential steps which you can do for free to get these machine protected. If You feel that you do not have the time to implement all of this, why don't you reach out to me and we can get these 6 steps implemented within your Organization. You can find out more about and our other services by requesting a Business IT Audit for your Business.
Best Practice For Protecting Computers And End Points from Being Breached
Define BYOD Policies
Many organisations use a bring-your-own-device (BYOD) policy for mobile devices. Employees use their own mobile devices to access business email and applications. Companies will provide a stipend for re-imbursement, which is less than the cost of purchasing and issuing company-owned phones to everyone.
BYOD can be a serious if you do not have mobile use policies in place that govern device security and the use of data on personal devices. Make sure you lay out the ground rules for a BYOD policy, including how company data is to be protected and locked so others that may access the device cannot compromise business information.
Do Not Operate PCs at the Administrator Level
When most computers re first setup, the users will just keep their login at the administrator level. This allows them to do anything, such as add and remove programs and run code that could potentially be malicious.
It is better to create a second user persona on the device that does not have admin-level access to the PC. This persona on the device should be used 99% of the time. If the user needs to do something that requires admin access, they can switch into the other user account, then switch back when finished.
This reduces the damage that a hacker that manages to breach a PC can do because they have breached a user that has permissions restricted.
Use DNS Filtering To Block Malicious Website
DNS filtering is important for computers and mobile devices. Phishing via email and text messages uses links to malicious sites a majority of the time to conduct attacks. Clicking these links can take the user to a malicious website that immediately downloads malware onto the device.
With DNS filtering in place, the person is protected. The filter recognises malicious sites and blocks them while providing a warning message to the user.
Educate Employees on Device Security
Do your employees use passcodes on their mobile devices to lock the screen?
Studies show that 52% of people do not lock their phones in this way. They often find it incnvenient, but it is also less secure.
Train employees on te basics of device security, including:
- Using passcodes to lock devices
- Storing devices securely
- Ensuring that malware protection is installed and running
- Not downloading unfamiliar apps
Track All Devices That Connect To Your Network & Cloud Tools
If you do not have End Point Device Management in place (also known as mobile device management), then your network is at a much higher risk of an End Point Breach.
Even Businesses with just 50 employees have an average of 114 End Points connected to their network. It is crucial to monitor which devices are connecting to your assets and when.
Use an endpoint device maanger, such as Microsoft Intune (Part of Microsoft 365 Business Premium Plan). This type of Application will allow you to monitor device access to your network, as well as automate certain security activities. You can also lock out devices that are not approved and revoke access quickly if a device is lost or stolen.
Automate Updates For All Devices
Keeping devices updated with all security updates is part of basic cyber security hygiene. But often, this is neglected for endpoints that are not classified as a server or computer.
Make sure all endpoints on your network (including IoT devices) have updates and security patch installation automated so they are protected from vulnerabilities that hackers can exploit.
Get Help Improving Your End point Security Strategy
XpressteX can work with Australian Business Owners to improve endpoint security with a layered solution that reduces the risk without cause disturbance within your team.
Book A Strategy Session with me to discuss further by clicking the link below or calling my Office on 1300 991 030
Book A Strategy Session With Manny