Making sure your endpoints are secure
Advanced endpoint security’s broad approach to protecting both networks and devices enables administrators to offer a range of protections for devices connecting to their network—and therefore, for the network itself. These include:
- Application whitelisting: Only allowing endpoints to install applications that are specifically permitted, rather than relying on lists of known malicious software that may miss newer programs.
- Network access control: Configuring endpoints with access to specific network resources based on their privileges. This stops intruders from using a hacked device to infect the entire network. It’s also a useful way to deal with nonmanaged devices, such as an employee or contractor’s personal tablet or laptop. These can be given limited access or even sandboxed to prevent them reaching valuable data.
- Endpoint detection and response: Looking for indicators of compromise on devices and performing root cause analysis.
- Mobile device management: Protecting mobile devices that are easy to lose or steal by encrypting their data and remotely wiping them if they connect to the Internet after being reported missing.
- Device patching: Ensuring that devices connecting to endpoints are properly patched, potentially quarantining them until they are up to date. This reduces the risk of malware infection.
- Anti-malware protection: Installing malware scanners on endpoints and keeping them regularly updated with new signatures.
- Virtual private networks: Utilizing VPNs to securely communicate between components, adding trust to untrustworthy environments
- Behavioral analysis: Looking for normal patterns of behavior and deviations that indicate compromise.
- Indicator of compromise discovery: Identifying indicators of compromise—potentially malicious activity on a system or network—to help information security and IT professionals detect data breaches, malware infections, or other threats.
Companies don’t have to install advanced endpoint security solutions on their own networks. They can rely on third party cloud-based versions for protection, which can minimize their infrastructure and management overhead. Whichever form of endpoint security they choose, it’s a great way to protect one of the most vulnerable parts of the enterprise computing ecosystem.
Click here to find out more about how SolarWinds Endpoint Detection & Response can help you secure your customers' endpoints
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim’s experience has made him an in-demand expert on cybersecurity and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.