Two business people looking at a computer.

6 Best Practices for Complete Network and Endpoint Security

13 Sep 2017 by Isabel Ticlo

How many applications do you log in to each day? How many emails do you send an hour? How much time do you spend browsing websites on your phone as you wait for the next meeting to start or customer to walk in?

Thanks to modern technology, accessing information is easier than ever, and we do it without hesitation. But maybe there should be some hesitation. After all, each time we capture, store, share and edit data through connected devices, we put ourselves at risk. Network and endpoint protection is critical to keep these actions from harming our businesses. How much confidence do you have in your security strategy?

Given the cyberthreat landscape, it’s surprising that some organizations aren’t protecting their data to the best of their abilities. Failing to acknowledge that multiple cybersecurity levels require your attention can be dangerous.

A desk with die, books and papers to play dungeons and dragons with.

Player’s handbook: Cyberthreat trends

Think of your security strategy like a game of Dungeons & Dragons. Sometimes protecting your data is as simple as surviving and completing tasks throughout the narrative — i.e., creating custom passwords for different accounts or deflecting phishing emails in order to achieve daily operations.

Other times, you may have to defeat a specific beast — i.e., deal with a hacker who’s broken through your defenses. The only difference is that, unlike in Dungeons & Dragons where you roll a 20-sided die to determine if you succeed, you shouldn’t leave your security strategy to chance.

To help your business grow smarter, you need to ensure your endpoints and network are safe from both basic cyberthreats and the toughest cybermonsters.

According to Symantec’s 2016 Internet Threat Security Report, 43% of spear-phishing attacks in 2016 were against Small to Medium Businesses (SMBs) and resulted in data loss, revenue loss, damaged reputation, endangered customer credentials and more.

25% of small businesses consider cybercrime a major threat, 46.2% see it a moderate threat, 26.92% recognize it as a minor threat and 1.9% don’t feel at all threatened hackers.
Figure 1

Since that time, most SMBs have recognized cybercrime as a real threat. As shown in Figure 1, 25% of SMBs consider it a major threat, 46.2% see it a moderate threat and 26.92% recognize it as a minor threat. Only 1.9% don’t feel at all threatened by the potential of a cyberattack.

What can you do to stay in the game and prepare for evolving threats?

Defining end-to-end network security

Here are some best practices you can use to bolster your defenses and adapt to the evolving cyberthreat landscape.

1. Access and identity management
Network Access Control (NAC) computer security unifies endpoint security solutions such as user assessments, system authentication and intrusion prevention to ensure critical data is restricted to qualified employees. For example, when teammates log on to their work computers, they can only view files that have been authorized for them to touch.

2. Threat intelligence
According to TechTarget, threat intelligence includes in-depth information about a specific cyberthreat, such as a zero-day threat, advanced persistent threat or exploit, to help businesses defend against hackers. Collecting data from research and analysis will help you detect abnormal network behavior and predict and block malicious activity.

3. Firewall
Having a firewall in place can mean the difference between successfully preventing a cyberattack and responding to a breach. Firewalls monitor and control network traffic based on predetermined security rules you choose. You can launch a firewall in either hardware or software form, or a combination of both, to keep unauthorized users or messages from connecting to your private network.

4. Mobile devices
Device security can be broken down into two categories: physical device protection and application management. Eighty percent of data breaches in the public sector result from physical theft or loss of a mobile device, insider misuse and error. It’s critical that you train your employees to lock their devices and choose complex passwords hackers are less likely to guess. Multifactor authentication could also help reduce the chance of a successful attack, and a remote wiping system could be a lifesaver if a business-critical device is stolen.

When it comes to applications, setting restrictions on what teammates can and cannot download will help mitigate risks. And running regular software updates and audits will guarantee your security protocols are up to par, preventing rogue software from sneaking through.

5. Recovery plans
We know you aren’t going to leave your security success to the luck of a dice roll but are going to find the right solutions that will help future-proof your business from cyberattacks. But sometimes, even though you do everything right, sophisticated cybercriminals break through your defenses. Taking a proactive approach and setting up a “just in case” recovery plan can save a lot of time, money and stress.

6. Forrester’s Zero Trust model
According to Forrester, “The fundamental problem in network security is the broken trust model where security pros, by default, trust the users and traffic inside their network, and assume that all those external to the network are untrusted.” To solve this issue, Forrester created the Zero Trust Maturity Model of information security, which can be implemented in five steps:

  • Identify your sensitive data.
  • Map the data flows of your sensitive data.
  • Architect your Zero Trust network.
  • Create you automated rule base.

Continuously monitor your Zero Trust ecosystem.

Read the complimentary Forrester report “Assess Your Network Security Architecture With Forrester's Zero Trust MaturityModel" to learn more about how you can orchestrate a powerful network security strategy.

Gain security, simplicity and performance.

Your success depends on how you enable and protect your workplace.

Learn more