10 things your endpoint security software must allow you to do

<a href='/blog?tag=IT Security'>IT Security</a> <a href='/blog?tag=Endpoint Protection'>Endpoint Protection</a> <a href='/blog?tag=Compliance'>Compliance</a>
Endpoint blog image

Even during more normal times, there are millions of people all over the world that work remotely or from home regularly. During the current coronavirus crisis, that number has increased dramatically.

Working from home, employees might be more tempted to copy data to a home PC or connect to a home printer to print off information that may contain sensitive data. This makes it all the more important that devices are secured and any critical data residing on laptops, servers and in Cloud services is only used by the people that need to use it, and that it is used for the correct purposes.

Clearswift has recently updated and improved its Endpoint DLP software. In one solution, it provides context-aware Data in Use (DIU) policies to control which devices can connect to a corporate network and what information can be transferred, and it executes Data at Rest (DAR) scanning to audit and manage critical information on endpoints.

As a vital piece of your IT security strategy, endpoint security software must provide the right level of protection for your organization. To compare your existing solution with ours, we’ve put together a list of 10 things your endpoint security software must allow you to do:

1) Identify sensitive data users have stored locally and on network shares

With recent regulation such as GDPR and CCPA, combined with the huge spike in homeworking right now, knowing what data has been stored locally is imperative. The Clearswift Endpoint DLP solution scans for sensitive data within a multitude of files and its DAR feature scans local workstations and network shares for predefined or custom expressions used to identify all data that an organization considers sensitive, such as PII. If sensitive data is found, an alert is raised, and the data can be quarantined.

2) Control the devices connected to the network

With the Access Control functionality offered by the Clearswift Endpoint DLP solution, organizations can control the devices connected to the network. This might include removable USB drives, or preventing users from connecting to unauthorized printers whilst working from home. Controls can also be extended to apply read/write permissions accordingly.

3) Ensure valuable IP can’t be copied to removable media or uploaded to cloud storage

The Clearswift Endpoint DLP solution recognizes more than just built-in lexical expressions for PII and PCI data, it allows admins to create their own simple or complex expressions using strings or regular expressions. These can then be used to identify any types of IP, such as source code for example, preventing users from uploading to cloud storage or removable media.

4) Automatically encrypt USB devices used within the organization

USB devices can come with security vulnerabilities, especially when new employees join a company and connect USB devices for the first time. Admins must be able to configure encryption policies for all removable storage so that when a user connects a new flash drive or external hard drive via USB it will automatically be encrypted depending on policy settings for that specific workstation.

5) Notify users when they attempt to share/upload sensitive data

Most data leaks are non-malicious and the result of users not being aware that the information they are sharing is sensitive. Clearswift Endpoint DLP notifies users trying to read or write sensitive data to or from removable storage, network shares and cloud storage prompting them to provide a reason. Users then take responsibility for continuing and admins get full visibility of what’s happening to the data in question.

6) Redact sensitive data legitimately copied or shared

Sometimes users have a genuine need to copy documents to removable storage, network shares or cloud storage which may contain sensitive data. Using adaptive redaction, the Clearswift Endpoint DLP solution recognizes terms such as Social Security and Credit Cards details and redacts (masks) them so the document is safe to copy or share.

7) Minimize the threat of Shadow IT

The Clearswift Endpoint DLP solution restricts access to common cloud file sharing applications, such as Box, Dropbox and OneDrive, based on policy and admins can manage synchronization folders to ensure that nothing sensitive is uploaded to Cloud storage systems that are unsanctioned.

8) Enforce security rules even when users aren’t connected to the network

The Clearswift Endpoint Solution is deployed as a lightweight agent that when on the corporate LAN (or WAN), it connects to the management console and receives policy updates and passes back any alert details. When a corporate device is being used at home or in a coffee shop, the same policy rules for device access and file scanning still take place and violations are stored until the laptop is back on the LAN (or WAN) and admins can manage any alerts.

9) Apply granular policies

With Active Directory integration, policy rules can be applied to whole company, to a group or team or to individuals. As new users and new machines are added to the enterprise domain, the users and machines are automatically enrolled and secured.

10) Provide reports to demonstrate ROI

From a central console, the Clearswift Endpoint DLP provides detailed reports on policy violations and trends. Support for SIEM systems is provided as standard allowing organizations to integrate information into existing corporate dashboards.

How does your current endpoint security solution compare?

Ask us for a demo

Related resources:

Clearswift Endpoint Protection
Clearswift Endpoint Datasheet
Top 5 cybersecurity threats to the UK healthcare sector


*** This is a Security Bloggers Network syndicated blog from Clearswift Blog authored by Rachel.Woodford. Read the original post at: