Effective endpoint security without a significant investment

This tip originally appeared on SearchSecurity.com.

The endpoint security market grows as more attention is given to the challenges of securing a dynamic digital perimeter. Organizations willing to pay a hefty price can choose from a variety of products that ensure that endpoint devices comply with policy before connecting to the network. However, effective endpoint security doesn't have to require a significant investment in new software or hardware. Most organizations already employ three effective endpoint security controls: firewall, antivirus and patch management.

Where is your endpoint?

The function of perimeter or endpoint security is to ensure that the infrastructure is protected against external threats. Before you can secure your endpoint, you need to define it. In the pre-Internet days of the mainframe, endpoint security was simple; things were either inside or outside of the data center. Despite the fact that more and more is being spent on information systems security, systems are becoming increasingly complex, and complex systems are much harder to protect.

Even the physical perimeter is not simple to define. The potential endpoints are many. Some of them include:

Know your endpoint

The banking industry has a federal requirement known as Know Your Customer (KYC), which is part if the USA PATRIOT Act of 2001. The purpose of KYC requirements is to catch those laundering money or attempting tax evasion. Banks are required to determine the source of customer deposits, classify them according to pre-determined profiles and monitor their banking activity to detect deviations.

Those in information security can take a similar approac

Digg This!     StumbleUpon     Del.icio.us

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Technical controls

Firewall
A firewall is often the first line of network defense, ensuring that only allowed traffic traverses the network. Firewalls are often pristine when initially configured, but after time, allow far too much traffic and too many protocols through. In addition, management often puts too much confidence in firewalls.

How do you obviate such a predicament? Make sure you have an effective and current set of firewall policies. A firewall can't be effective unless it's deployed in the context of working policies that govern its use and administration.

Antivirus
Viruses, worms, Trojan horses, spyware and more are a huge risk to information security. By deploying antivirus technology at the endpoint, organizations can ensure that malware does not infect the infrastructure.

But when it comes to antivirus software, organizations are only as good as their virus definition files. To ensure maximum protection, organizations must make certain that gateway devices and workstations have updated antivirus signatures on each device.

Patch management
Until recently, patch management was something a system administrator did when he had time; now it is an elemental part of information security. Patch management is a strategic process where it must be decided:

The year 2005 is no longer your mother's patch environment, where one can leisurely decide whether or not to patch. Microsoft's Patch Tuesday can easily turn into a Black Wednesday if not handled correctly.

Times are changing and information security must change with them. Endpoint security comes down to knowing what your perimeter is, knowing what your risks are and defending against them. When managed effectively, your firewall, antivirus and patch management products will help you do that.

About the author
Ben Rothke, CISSP is a New-York based security consultant with ThruPoint Inc. and the author of Computer Security: 20 Things Every Employee Should Know. He can be reached at brothke@thrupoint.net.