Top 5 Endpoint Security Tips
Not everybody is sure about how to protect their security systems from attack. The weakest link of all this is endpoint security. Endpoint security is way of approaching the process of specifically protecting your critical systems or information.
Five Tips To Help Increase Your Company's Endpoint Security
These tips are in no specific order, all of them are important!
Having a good policy for both response to breaches and day to day hitches
Getting a good response plan to respond to breaches and even preventive policies is something of an understatement. A way to get one ready for your business is by having a meeting with your staff and coming up with a policy that either everybody agrees with or can learn how to work with. An example could be restricting access to critical information to only specified individuals, this policy could help cut down on breaches of important consumer information such as credit and debit card information, social security numbers and more. Another example could be a response to an emergency, in which you would disconnect all servers from the internet and lock the system down, preventing any farther breaches while you figure out the cause of the problem and hopefully fix it.
Physically disconnecting secure information from rest of the regular equipment
A huge thing that not many (if any) companies do is physically disconnect sensitive info from the rest of their equipment (servers). This info can be in the form of credit card information, social security numbers, medical records and many more things. As such, this information is so sensitive, it is a huge target for hackers. This reason alone makes it a huge priority to keep that data safe. A physical disconnect of critical information is really a step in the right direction in that case.
Having more file usage restrictions
Restricting the process of opening up files on a system is one way to help lower the amount of potential backdoors hidden in files. You never know if a supposedly legitimate file has backdoor malware inside, so it would be in your best interest to thoroughly scan the file with anti virus/malware, or open the file in a sandbox. A sandbox is a protective barrier between the program and the real system, its a copy of the real system that tricks the program into thinking its the real system.
Sandboxes are a great thing to use in many different situations. Contrary to what people may think, many of the programs you already use on a system are in some form or another sand boxed already. But its only with individual programs in a program you could say, it doesn't completely secure everything. You have to use special sandboxes to secure everything. You can either use a virtual machine or a dedicated program for sand boxing (Sandboxie). A virtual machine is running a isolated operating system on a regular computer, this virtual machine does not interact with the main computer, preventing a viruses that are in the virtual machine from attacking the main system. Sandboxie is not a virtual system, but a program that sandboxes individual programs of your choosing. So if your unsure you can about a program being safe, you can use a sandbox program such as Sandboxie to help protect your system, without having to have a whole another physical system as a container.
Stronger firewall restrictions
Having firewall restrictions is a way to help minimize, but not completely remove the threat of being attacked from a backdoor program or email. Its a great baseline that could help curb most attacks, but some of the more crafty viruses could backdoor themselves through legitimate programs that exit the firewall and connect to the internet (email, internet browser, etc.).
Endpoint security is the weakest link of security, so many breaches have occurred from exploitation of these flaws in many different areas. As such we must do our part to fix things up a bit. The next post is about how to put the right hardware in a server, helping you make sure you have the right hardware for the job inside.