Defence in Depth for Endpoints and Network
Endpoint devices include mobile devices, workstations, and servers. Endpoint devices should connect to the network through a secure channel (such as a Virtual Private Network, or VPN) to ensure data is not intercepted when retrieved by a client. Endpoint devices must also have adequate security, such as encryption, antivirus, and firewalls, to keep both data in transit and data at rest protected (especially if the device is stolen). Additionally, all corporate networks should be encrypted in line with industry best standards.
- Endpoints include servers, desktops, laptops, tablets, and mobile devices
- Networks include wired and wireless, and require a secure perimeter, network segmentation, and known ingress/egress points
- Controls must exist to prevent, detect, and respond to security incidents
- Technologies must include firewall, intrusion prevention, web content filtering, email content filtering, and antivirus at a minimum
- Systems must be hardened (e.g. default passwords and shared accounts must not be used, and unnecessary services and insecure protocols must be disabled)
- Additional controls may be required to mitigate risk to your organization