Protecting Endpoint Devices

 

John Magee
Vice President
Product and Services Marketing
Symantec

 

Endpoint devices-such as servers, laptops, and desktops-are increasingly being targeted by attacks designed to compromise and steal data belonging to small and
midsize businesses. Here are five tips to protect your business and your customers:

 

Use Layered Security. Deploy defense-in-depth strategies for employees and other end users, including endpoint security solutions and security patch updates. Anti-virus definitions and intrusion prevention signatures, which allow your computer to immediately recognize known threats, must be updated regularly.

 

Also, all desktops, laptops, and servers should be updated with the necessary security patches from the operating system vendor. Consider deploying a firewall to help control network traffic to the endpoint device. And make sure to enable the security settings on Web browsers and disable file sharing where it's not absolutely necessary.

 

Additionally, teach users to develop strong passwords with at least eight characters and a combination of numbers, letters, and special characters. Change all passwords every 45 to 60 days.

 

Implement a Network Access Control Solution. All network-connected computers and inbound and outbound traffic should be monitored for signs of unauthorized entry and malicious activity. Ensure that any infected computers are removed from the network and disinfected as quickly as possible.

 

Also, create and enforce policies that identify and restrict applications that can access the network. Small and midsize businesses should apply operating system and security software updates and patches as soon as they are released. To protect against successful exploitation of Web browser vulnerabilities, upgrade all browsers
to the latest versions.

 

Stay Informed. Read reports published on the Web that help define the threat landscape for small and midsize businesses. Deploy anti-spam technologies at the mail gateway to proactively protect your environment.

 

Don't Forget Physical Security. Employees should use the screen-locking feature when away from their computers, shut their computers off when done for the day, lock laptops with a cable, don't leave passwords written down, and be mindful of the physical security of PDAs and other handheld and portable devices, which are a popular and easy target for thieves.

 

Back Up Data. For any number of reasons-disaster, human error, hardware failure, among others-your IT system could be brought down. Back up important data regularly and store extra copies of this data off-site. Encrypting those backups is a good idea or may be required by law.