Posted by: MelanieYarbrough
A couple weeks ago, I read an article over at Tech News World that got me thinking about endpoint security, and how it has become like a spy movie, where the biggest threats are often coming from the inside. We asked you if your endpoint security focus was shifting, and how you’re managing that. And you answered…
Technochic’s company has disabled USB ports, CD writers and implemented strict mobile policies when connecting to email servers. But it’s worth it, she says, because with a little awareness and a plan of action, endpoint security can protect against both internal and external threats.
Jinteik’s company, in addition to disabled USB and CD/DVD drives, has locked up the BIOS. They don’t allow OWA and have strict printing permissions policies. Vendors can’t connect to their networks, nor are there any wireless devices in their office.
TomLiotta’s company has taken into account the need for USB ports to connect devices such as a mouse or a keyboard. Aside from antivirus, they audit regularly via automated monitoring, authenticate and authorize according to position, and maintain a security policy. They’re in a unique spot as a software vendor of network security, meaning their employees are more knowledgeable than most on how to cause trouble. Their solution? Focus more on quality employee relationships and education rather than software and hardware obstacles. He makes a good point:
Fundamental safeguards will always be in place. This protects from mistakes made by the best of us. But clear authentication combined with authorizations that are capability- and object-based, for employees who have a solid relationship with their employer and who always have access to a good security policy, into systems with strong monitoring, all tend to make most issues disappear.
Chippy088, or David, agrees with Tom, and highlights the way many obstacles can be circumvented. Active Directory controls are in place primarily for normal users, and disabled physical ports can sometimes be accessed in safe mode. His suggestion? Virtual machines:
[They are] 90% more effective in controlling users trying to bypass security controls, as the local physical devices are not used in saving/printing.
What does bother him though are mobile devices, and finding the balance between control and flexibility for utilizing off site access points.
Mitrum got right to the point:I disabled USB ports and CD/DVDROM, bluetooth, micro SD, MMC, etc. in my organization.
Do some of these strike you as too strict or not strict enough? Share your thoughts and your own endpoint security policies in the comments section!