Project Description

10 ways to solidify your endpoint security strategy

We recently outlined 8 cyber security trends that every New Zealand organisation should be keeping their eyes on right now. After outlining these trends, in partnership with HP we thought it pertinent to outline 10 ways any organisation can solidify their endpoint security strategy. So, without further ado, here they are.

1. Enable multi-factor authentication

90 percent of data obtained through phishing scams are user credentials, and between 80-90 percent of passwords can be hacked in under 24 hours. Multi-factor authentication (MFA) makes a user enter two or more independent credentials before granting access. Typically, credentials are:

  • Something the user knows (password or PIN)
  • Something the user has (phone or card)
  • Something the user is (face and fingerprint)

2. Strengthen your passwords

Mnemonic passwords are far more secure than your typical password. First, you start with a memorable phrase that has between 8-32 characters, upper and lower case letters, and at least one number. After selecting a phrase, make it weird by replacing ‘a’ with ‘@’, or ‘s’ with ‘$’ for example. If you wish to use it as your master password, instead of copying, customise. For your CRM login, simply put ‘CRM’ at the end of the master phrase. Alternatively, there are a number of password manager tools available which require you to remember one just password, while it generates individual passwords for each account.

3. Leverage Antimalware software

Antimalware software are programs designed to prevent, search for, detect, and remove software viruses. If your devices are running Windows 10 then Windows Defender Antivirus is working for you. BUT, be sure to check in Windows Defender Security Centre that the program is actively enabled because this isn’t always the case. For an added layer of security, HP Sure Run works to ensure all your PCs critical processes remain enabled. If they stop, HP Sure Run automatically reactivates them.

4. Maintain up to date software

The threat landscape is an ever-evolving beast. If your software isn’t up to date, there’s a good chance you’re missing critical security patches for recently discovered threats. And this goes for everything from the operating system right down to your web browser and office applications. To keep your software up to date, verify in your OS that automatic updates are enabled, or use an update manager such as HP Support Assistant to notify you when an update is necessary. Just remember, the older your software, the less reliable and secure it is.

5. Secure your browser

Browsers are the number one tool we use to access the internet, so naturally, they’re the number one target for potential hackers. To keep your browser as secure as possible, there’s four steps you can follow:

  • Use a trusted browser such as Explorer, Chrome or Edge.
  • Keep it up to date by enabling automatic updates.
  • Listen to the pop-up displays and heed the warnings.
  • Restrict content and plug-ins. With things like Flash and JavaScript, have them disabled by default, and only accept them being turned on for sites you trust.

6. Secure your network

In a recent report by HP, routers were shown to be the most frequently exploited type of device for Internet of Things (IoT) attacks. Connected to everything else in your network, it’s imperative to secure your network. Here are four ways in which you can do that.

  • Password required, there is never a reasonable situation in which a user shouldn’t have to enter an administrator password to access the network.
  • Configure encryption – with WEP, WPA, WPA2, WPA3 (weakest to strongest), always select the highest encryption standard possible.
  • Maintain up to date firmware.
  • Leverage Virtual Private Networks (VPN)

7. Maintain vigilance on public Wi-Fi

Wireless connectivity is everywhere, from airports and cafés to entire cities. It’s overly convenient, but also incredibly dangerous. To protect yourself as best as possible, follow these three rules:

  • Limit the context of your activity – try not to access sensitive information like business-critical files, bank details, and passwords.
  • Limit your activity to encrypted sites. So, HTTPS (https://) sites as opposed to the unsecured, plain text HTTP.
  • As mentioned in number 6, route everything through a VPN.

8. Prevent visual hacking

It may sound trivial, but don’t underestimate it. Visual hacking occurs when sensitive information is on display in a public place either a business competitor or identity thief sees it, then captures it, and exploits it. It’s important to be aware of your surroundings, and when in public places limit your exposure as much as possible. For added security, HP Sure View Gen2 is an integrated privacy screen specifically designed to prevent visual hacking.

9. Encrypt your data

Lost and stolen devices are a top 5 cause for loss of business-critical data. When a device is stolen the first thing that’s attacked is the hard drive. With encryption, even if a devices hard drive falls into the wrong hands, the information on it is unintelligible without the secret decryption key. Windows 10 and other encryption tools BitLocker make it easy to encrypt your valuable data. Talk to a CodeBlue expert for a run-down of how to best leverage these tools.

10. Protect below the operating system (OS)

Beneath a PCs operating system lies the Basic Input Output Software (BIOS), which is responsible for booting up a computer and helping to load the OS. If a hacker was to gain access to your BIOS, the computer is essentially theirs. To keep it as secure as possible, consider the following:

  • (Again) Keep it up to date at all times
  • Set a BIOS password to avoid settings being unnecessarily changed
  • Set a power-on password – password access required before the system runs anything.

Follow these 10 steps and if you still suffer a cyber-attack, it won’t be due to poor endpoint practices.

At CodeBlue, our aim is to help customers avoid the damage an IT security breach can cause. Reputational damage, loss of business, regulatory fines and safety concerns are all potential consequences of an information security breach.

The focus at CodeBlue is to minimise the risk at every turn to ensure your business does not suffer these serious consequences.

If you want your organisation to be protected from the widest number of IT security threats, or have any questions regarding the 10 endpoint protection factors mentioned above, contact CodeBlue today to discuss our Cyber Security Services.

Note, this blog was built out with reference from the following document:
The Cyber-Security Field Manual, Ten steps every business should take to protect against cyberattacks, © Copyright 2018 HP Development Company, L.P.

Talk to us