Cybersecurity Architecture: Endpoints Are the IT Front Door - Guard Them

Welcome and Introduction

In this section, the speaker introduces the Cybersecurity Architecture Series and recaps the earlier discussions of cybersecurity fundamentals and of identity and access management (IAM), which the previous video described as the new perimeter.

Understanding Endpoint Security

  • An endpoint is any device that reaches the organization's systems: servers, desktops, laptops, mobile devices, and IoT devices.
  • The line between business and personal use is blurring, as people use a mix of these devices for both purposes.
  • Every endpoint is part of the attack surface, so each one adds vulnerabilities the organization must find and defend.
  • The diversity of hardware platforms widens that attack surface and calls for a comprehensive, consistent set of security controls.

Implementing Security Controls on Endpoints

  • An endpoint management system aims to apply one set of security practices across every endpoint type.
  • Without one, separate administrators typically manage each endpoint type on its own, which is inefficient and leads to inconsistent policy.

Visibility and Control in Endpoint Security Management

Visibility (knowing which devices exist and what state they are in) and control (being able to change that state) are the two capabilities an organization's endpoint security management system must provide.

Integrating Visibility and Control

  • Policies are how the system enforces control: it queries each device for its hardware and software levels and compares them against the policy's list of acceptable hardware and software versions.
  • A typical rule allows only the current release and the previous one, so that every system carries the necessary security patches.

Enforcing Security Policies

  • A robust endpoint policy covers password rules, patching to keep software current, encryption to protect data at rest, remote wipe for lost or stolen devices, location tracking, antivirus, and device disposal.
  • Disposal deserves its own procedure: a device reaching the end of its lifecycle still holds data, and it must be wiped or destroyed so that data is not exposed.

BYOD Programs: Well-defined vs. Poorly Defined

Exploring the complexities of Bring Your Own Device (BYOD) programs within organizations.

BYOD Program Classification

  • Organizations fall into three groups: those with a well-defined BYOD program, those with a poorly defined one, and those with no sanctioned program at all, where it is unclear which personal devices users are bringing into the IT environment.

Selective Data Wipe and Device Configuration

In this section, the speaker discusses selective data wipe on devices that hold both corporate and personal data: corporate data can be removed while the user's personal data remains intact. The configuration requirements for devices are also covered, including software versions, required applications, hardware specifications, and authorized services.

Selective Data Wipe

  • The organization can perform a selective wipe that removes only corporate data and leaves personal information intact. This is done when a device is reported lost or stolen, or when an employee leaves the organization.

Device Configuration Requirements

  • Devices must run a mandated software level, typically the current release (N) or the one before it (N minus one). Certain applications are required, and which ones depends on the device type (e.g., mobile vs. desktop).
  • Required configurations differ by device type; antivirus, for instance, may be mandatory on desktops but not on mobile devices. Organizations may also prohibit specific applications judged risky or vulnerable to threats.

Hardware Specifications and Authorized Services

  • Organizations may limit support to specific device types and hardware configurations so that support stays manageable; only the designated desktops, laptops, or mobile devices are endorsed.
  • Cloud service usage is regulated by permitting only authorized services, such as an approved cloud-based file sharing program, and by monitoring compliance to ensure users stay within those guidelines.
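The configuration rules above (N/N-1 software levels, required and prohibited applications by device type, antivirus on desktops only, supported hardware models, and an allowlist of cloud services) can be expressed as one compliance check that an endpoint management system runs against each inventory record. The following Python is an added example, not code from the video or from IBM; the policy values, device model names, application identifiers and inventory records are constructed assumptions.

```python
"""Endpoint policy compliance check (added example; policy values are assumptions)."""
from dataclasses import dataclass


def parse_version(v: str) -> tuple[int, ...]:
    """'10.4.2' -> (10, 4, 2): compare numerically, so '10.10' sorts above '10.9'."""
    return tuple(int(part) for part in v.split("."))


def allowed_releases(known: list[str], depth: int = 2) -> list[str]:
    """Newest `depth` releases from an unordered release catalogue (N and N-1)."""
    return sorted(known, key=parse_version, reverse=True)[:depth]


# Constructed policy; release numbers, models and app identifiers are hypothetical.
POLICY = {
    "os_releases": {"desktop": ["10.2", "10.3", "10.4", "9.9"],
                    "mobile": ["16.1", "17.0", "17.1", "15.4"]},
    "supported_models": {"desktop": {"ThinkPad-X1", "MacBook-Pro"},
                         "mobile": {"iPhone-14", "Pixel-7"}},
    "required_apps": {"desktop": {"edr-agent", "vpn-client"},
                      "mobile": {"mdm-agent"}},
    "prohibited_apps": {"torrent-client", "legacy-remote-tool"},
    "antivirus_required": {"desktop": True, "mobile": False},
    "allowed_cloud_services": {"corp-drive"},
}


@dataclass
class Device:
    """One inventory record as an endpoint management agent might report it."""
    name: str
    kind: str            # "desktop" or "mobile"
    model: str
    os_version: str
    apps: set
    disk_encrypted: bool
    antivirus_running: bool
    cloud_services: set


def check_compliance(dev: Device, policy: dict = POLICY) -> list[str]:
    """Return a list of findings; an empty list means the device is compliant."""
    findings = []
    if dev.kind not in policy["os_releases"]:
        return [f"{dev.name}: unsupported device kind '{dev.kind}'"]

    if dev.model not in policy["supported_models"][dev.kind]:
        findings.append(f"{dev.name}: model {dev.model} is not a supported {dev.kind}")

    allowed = allowed_releases(policy["os_releases"][dev.kind])
    if dev.os_version not in allowed:
        findings.append(f"{dev.name}: OS {dev.os_version} outside N/N-1 window {allowed}")

    missing = policy["required_apps"][dev.kind] - dev.apps
    if missing:
        findings.append(f"{dev.name}: missing required apps {sorted(missing)}")

    banned = dev.apps & policy["prohibited_apps"]
    if banned:
        findings.append(f"{dev.name}: prohibited apps installed {sorted(banned)}")

    if not dev.disk_encrypted:
        findings.append(f"{dev.name}: storage is not encrypted")

    # Antivirus is a desktop requirement only; mobile devices are exempt in this policy.
    if policy["antivirus_required"][dev.kind] and not dev.antivirus_running:
        findings.append(f"{dev.name}: antivirus required on {dev.kind} but not running")

    unauthorized = dev.cloud_services - policy["allowed_cloud_services"]
    if unauthorized:
        findings.append(f"{dev.name}: unauthorized cloud services {sorted(unauthorized)}")

    return findings


# Constructed inventory records (sample input, not real devices).
LAPTOP = Device("lt-0042", "desktop", "ThinkPad-X1", "10.3",
                {"edr-agent", "vpn-client", "browser"}, True, True, {"corp-drive"})
PHONE = Device("ph-0117", "mobile", "Pixel-7", "16.1",
               {"mdm-agent", "torrent-client"}, True, False, {"corp-drive", "personal-box"})


if __name__ == "__main__":
    for device in (LAPTOP, PHONE):
        result = check_compliance(device)
        print(device.name, "COMPLIANT" if not result else "NON-COMPLIANT")
        for line in result:
            print("  -", line)
```

The N/N-1 window is computed from the release catalogue rather than hard-coded, so publishing a new release automatically retires the oldest permitted one; versions are compared as integer tuples so that "10.10" is correctly treated as newer than "10.9". The phone in the sample is flagged on three counts (stale OS, a prohibited app, and an unauthorized cloud service) while the laptop passes.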

User Guidance and Compliance

The speaker emphasizes guiding users towards correct actions rather than restricting them with prohibitions. By providing clear instructions on preferred behaviors and services usage, organizations can enhance user compliance with security protocols.

User Guidance Strategies

  • Encouraging users to follow specified procedures, rather than simply imposing restrictions, fosters better compliance with security measures. Clear directives on preferred actions bring user behavior into line with organizational goals.

Video description

IBM Security QRadar EDR: https://ibm.biz/BdySEq
IBM Security X-Force Threat Intelligence Index 2023: https://ibm.biz/BdySEf

The prior video in the series covered identity and access management (IAM), which Jeff "the security guy" described as the new perimeter. Of course, none of those access precautions, like multi-factor authentication, will matter if you can't trust the platform that it's coming from. In this video, Jeff Crume explains how to assure that endpoints are in fact secure and can be trusted.

Get started for free on IBM Cloud → https://ibm.biz/ibm-cloud-sign-up
Subscribe to see more videos like this in the future → http://ibm.biz/subscribe-now

#AI #Software #ITModernization #Cybersecurity #QRadar #JeffCrume #endpointsecurity