Endpoint Protection

Protecting the most vulnerable targets


The last line of defence is the endpoint (PC, tablet, laptop, smartphone). This is generally where attacks begin and are launched from. Securing each endpoint will minimize any spread of compromised systems and work with the security fabric to reduce impact and eradicate the threat. The most common ways malware infects information systems are through nefarious websites and email attachments and links (phishing) (Furnell, 2010). This is further evidence that the endpoint must be protected over and above any other device for a small business.

70% of IT professionals consider desktops and laptops the most at-risk user devices.

71% of people are most worried about hackers accessing their personal financial information.


Endpoint Protection

Protecting your most exploited device

CyberProtect 360 Endpoint Protection offers a solution that includes endpoint systems protection, incident response and basic monitoring in a single cohesive security package. The solution provides endpoint (PCs, laptops etc.) protection that includes, at a minimum:

  • Real-time malware protection.
  • Vulnerability scanning.
  • Web security.
  • Exploit prevention.
  • Protection from zero-day threats.
  • Monitoring & reporting.
  • Sandbox detection.
  • Set and forget.
  • Layered proactive defence.

Elements of Endpoint Protection

Features and benefits


Harden the Environment

Remediation of the current information systems environment would need to be conducted before endpoint protection is implemented. A report from the Anti-Phishing Network suggests that nearly a third of all computers could be infected with malware (Mello, 2014). Creating a standards foundation will ensure a proven framework to work with. The ASD Essential 8 can be used to harden systems to cover off 85% of cyber-attacks.

Layered Defence

Our solution incorporates a layered defence model. Defence in depth requires layering security protocols in a series that protects, detects and responds to attacks on systems (Merkow & Breithaupt, 2014). This system would intelligently monitor and respond to cyber threats from your internal network from each of the endpoints. The following would be required elements of an effective multi-vector endpoint solution:

  • Web protection - Prevents access to malicious websites, ad networks, scammer networks, and bad neighbourhoods.
  • Application behaviour protection - Prevents apps from infecting the machine. (Signature-less).
  • Application hardening - Reduces vulnerability surface and proactively detects fingerprinting attempts used by advanced attacks. (Signature-less).
  • Exploit mitigation - Proactively detects and blocks attempts to abuse vulnerabilities and remotely execute code on the machine. (Signature-less).
  • Payload analysis - Heuristic and behavioural rules identify entire families of known and relevant malware.
  • Anomaly Detection Machine Learning - Proactively identifies unknown viruses and malware from known “good” files. (Signature-less).
  • Ransomware mitigation - Detects and blocks ransomware via behaviour monitoring technology. (Signature-less).

Even if staff clicked on a dubious website or nefarious link within an email or email attachment, this endpoint solution would still be able to prevent the attack and reduce the impact of that attack. Without an SME having to implement each of the Essential 8 strategies, this solution would protect them from the risks that several of these strategies seek to prevent (Whitelisting, OS and App patching, App hardening, Office Macros). Each of these Essential 8 mitigation strategies seeks to prevent malicious code from executing and limit access to sensitive data. These mitigation strategies should be considered and implemented where cost-effective.

Secure the endpoints

The last line of defence is the endpoint (PC, tablet, laptop, smartphone). This is generally where attacks begin and are launched from. Securing each endpoint will minimize any spread of compromised systems and work with the security fabric to reduce impact and eradicate the threat. The most common ways malware infects information systems are through nefarious websites and email attachments and links (phishing) (Furnell, 2010). This is further evidence that the endpoint must be protected over and above any other device for a small business.

Monitor the system

It is great to have all the system security in place, but if nothing is keeping an eye on it, vulnerabilities will emerge and be exploited. By failing to monitor information systems, the response becomes a reactive one when a proactive one would be more appropriate. Reporting would be on a monthly basis.

Implementation

Endpoint Protection is implemented in two ways:
1. Installed by the business with a link to the endpoint agent software.
2. Endpoint agent software sent to the SME's MSP to install.

Key challenges addressed
  • Hardening internal systems against known exploits.
  • Monitoring systems against known and ‘zero-day’ threats.
  • Endpoint response and remediation.
  • Proactive cyber defence.