5 Steps to Mitigate Endpoint Security Incidents
Endpoint security may be the best investment you have ever made. According to a Ponemon survey – The 2017 State of Endpoint Security Risk – the average cost to an organization of attacks that managed to breach endpoint security was $5 million.
In this article, we will look at what you need to know about endpoint security in order to develop a workable strategy to mitigate endpoint-related incidents.
What is an endpoint?
In IT, an endpoint is a device – e.g. a computer, mobile or wireless device, server, etc. – that has a remote connection to a network, and is a potentially vulnerable access point or gateway to a network.
What is endpoint security?
Endpoint security involves creating policies that lay down the rules with which devices must comply before they can access network resources. Endpoint security is particularly important today as more and more organizations adopt BYOD, increasing the number of devices presenting a risk to the network.
Traditional anti-virus protection is no longer sufficient to protect endpoints and organizations. The four essentials of an effective endpoint security strategy are:
- Discovery (and Inventory) – Discovery and vulnerability scanning tools can help you inventory your network assets as well as unprotected endpoints, and assist you in drawing up a security requirements plan
- Monitoring (and Threat Hunting) – A centralized endpoint management tool will enable automated, consistent monitoring of the network and should include active threat hunting software
- Protection – While anti-virus is not sufficient on its own as an endpoint security strategy, implementing an advanced anti-malware application is non-negotiable
- Response (and Alerting) – Your network management tool must include the capability for instant remediation in the event of a breach. You will also need a written incident response policy.
Important steps to mitigate cyber security incidents generally
An endpoint (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Penny Hoelscher. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/k4JlaE66cRY/