Tips for the Endpoint Warrior
Know What Assets You Have and Where They Are â€“ This may sound very basic, but after one laptop turns out to be missing, the basics look like very good rules to follow. Do your physical security procedures also require equipment coming in and out of your institution to be checked in at the front desk? Also, remember to get back any assigned equipment when an employee leaves the institution.
Spell Out What Is Allowed, And What Is Not â€“ Take a look at your security policies to ensure that youâ€™ve spelled out clearly which devices and activities are allowed. This one action will save a lot of time and clear up any grey areas your employees might have in regards to acceptable use on the institutionâ€™s networks. One example is a policy that does not allow any instant messaging software or proxies to be downloaded onto an employeeâ€™s workstation, except with permission from the information security officer.
Monitor As Much As You Can â€“ The monitoring includes both external and internal activities. Manager of Information Technology at United States Postal Service Federal Credit Union Alan McHugh has his automated monitoring tool set to alert him whenever general employees try to FTP anything in or out of the network.
Block Sites and Activities That Donâ€™t Have Anything To Do With Work â€“ When possible, you may want to consider blocking access to certain IP addresses, including the social networking sites. Unless there is a business reason to allow access, itâ€™s a wise move.
Not A Mouse or KeyBoard? Donâ€™t Plug It In â€“ Both McHugh and Keith Gienty, Director of Information Technology at Northwest Corporate Credit Union, recommend setting up monitoring devices that will stop your users from plugging in external drives, USBs into PCs. It also helps to block any copying of files onto CDs or other media.
Encrypt Laptops â€“ Why suffer a data breach because you didnâ€™t encrypt the laptops that are leaving your institution? Plan ahead, even if you donâ€™t utilize laptops in your organization, you may be using them during a disaster (think telecommuting during a pandemic).
Use Network Access Control â€“ By using smart network access control solutions this will help you enforce your security policies and ensures even if non compliant devices are plugged into your network is locked down and stopped before anything can happen.