SlideShare a Scribd company logo

Why uem-is-the-key-to-enterprise-it-security

CincoC
CincoC

A UEM solution can simplify how various endpoints like servers, desktops, laptops, smartphones and tablets are managed from a central location. Effective UEM practices can help organizations tackle the never-ending responsibility of keeping their network secure. UEM allows for centralized patch management, deployment of security configurations, and remote troubleshooting - reducing security risks and improving productivity. Regular patching is important for mitigating threats like ransomware and avoiding data breaches, but UEM also provides customized security handling and ability to roll back patches when needed.

Education
1 of 14
Download to read offline
Introduction Organizations around the world are moving towards more vigilance in enterprise security. According to Gartner, a leading IT research firm, businesses spent around $86.4 billion on information security (a subset of cybersecurity) in 2017, and that number is expected to hit $93 billion in 2018. Cybercrime research firm Cybersecurity Ventures has also predicted cybersecurity damages could reach $1 trillion between 2017 and 2021, and is expected to reach $6 trillion annually after 2021. Considering these damages, IDC, a market research firm, states that 70 percent of data breaches begin with endpoints; this illustrates the importance of securing and safeguarding your endpoints—from servers to remote mobile devices—to keep your network safe from cyberattacks and secure the data stored in those endpoints. This “Why UEM is the key to enterprise IT security?” introduces you to topics like effective unified endpoint management, overcoming endpoint management challenges, mitigating ransomware and malware, and securing personal data to achieve and sustain GDPR compliance. You'll learn how to manage a heterogeneous network from one central location. You'll also learn about some endpoint security best practices for keeping attackers at bay. In short, this book will assist you in effectively securing all your endpoints to keep your data and network safe. Why UEM is the key to enterprise IT security? Giridhara Raam Cybersecurity Analyst
1.1 UEM simplifies endpoint management 1.2 UEM drives seamless IT security 1.3 UEM improves productivity and keeps users happy 1.4 UEM facilitates better business decisions Table of contents Chapter 1 Understanding the compelling need for unified endpoint management (UEM) 2.1 Mobile workforce 2.2 Managing multiple architecture 2.3 Windows, macOS, and Linux management 2.4 Third-party application management 2.5 Android, iOS, and Windows device management 2.6 Demand for proactive security 2.7 Handling user requests with remote deployment and troubleshooting 2.8 Single console for diversified IT security Chapter 2 Challenges in managing endpoints 3.1 Need for automated patch management 3.2 Rolling back patches 3.3 Deploying customized configurations for unique security handling Chapter 3 Avoiding ransomware, malware, and remote code executions 4.1 Inbound and outbound data flow analysis 4.2 Data management, protection, and security 4.3 Managing personal data on desktops 4.4 Managing personal data on mobile devices Chapter 4 Securing personal data and maintaining user privacy 5.1 Automated patch management 5.2 Script deployment 5.3 IT asset management 5.4 User and group privilege management 5.5 Firewall and browser configuration 5.6 Demand for proactive security 5.7 BYOD device management 5.8 Mobile application management (MAM) 5.9 Data management life cycle Chapter 5 Eight best practices for effective endpoint security
Thanks to advances in enterprise mobility, employees often use two devices for their official work-related operations. Research firm Enterprise Management Associates states, "roughly half of all workers use [...] both a mobile device and a PC in considering a typical day at [the] office." Unified endpoint management (UEM) is an IT management technique that typically takes existing mobile device management (MDM) practices and adds other devices, like desktops and laptops, into a consolidated management scope. Effective (UEM) practices can help you take care of all the devices existing both inside and outside your network, all from one location. With new advances in technology emerging each day, the importance of keeping your network devices secure continues to grow exponentially every year; with proper unified endpoint management, you can tackle this never-ending responsibility with confidence. Many organizations' IT environments are compiled of machines in varying departments that work on different operating systems and have their own applications and security configurations. Depending on the demands of each department, a system will have varying levels of security risks associated with it. For example, the HR department may only work with a few applications, but the product development teams will use multiple tools and applications that not only require constant updates, but must stay up and running to facilitate productivity throughout the entire enterprise. Whether your enterprise is running a single operating system or a combination of several different ones, adopting a UEM solution can provide cut costs, bolstered productivity, and centralized management. Currently the scope of endpoint management covers servers, desktops, laptops, smartphones, tablets, and Internet of Things (IoT) devices. A UEM solution can simplify how these various endpoints are managed and secure all heterogeneous user devices from one central location. With all that said, effective endpoint management, when looped into your existing IT service management (ITSM) and IT operations management (ITOM) practices, can produce impressive results. UEM simplifies endpoint management Chapter 1 Understanding the compelling need for unified endpoint management (UEM) 1 2
The same study found that 27 percent of surveyed companies reported a failed audit in the prior 18 months, of which 81 percent could have been prevented with a patch or configuration change. Similarly, 26 percent reported a breach, of which 79 percent could have been prevented by those same two measures. Users are constantly making changes to information through their devices, whether it's on laptops or smartphones. In this era of evolving IT environments, you need firm control over user devices, regardless of their location. Most cyberattacks exploiting operating system and application vulnerabilities can be avoided by deploying patches over the internet, without waiting for remote devices to reach your enterprise network. Patching, combined with flexible configurations and deployment capabilities, will drive seamless security for your network. UEM drives seamless IT security With all the applications and operating systems that are updated and monitored centrally, users will spend less time concentrating on application level security, allowing them to focus their UEM improves productivity and keeps users happy Regardless of the number of endpoints checking in and out of your network each day, you're responsible for keeping your security gateways safe from intruders. Managing a heterogeneous environment by deploying security configurations for applications, firewalls, browsers, and hardware can reduce security risks exponentially. For instance, a simple firewall configuration to disable SMBv1 and port 445 could have prevented the EternalBlue exploit, leaving WannaCry stuck within a single, infected system. Understanding user behavior will not only help business decision makers formulate strategies that will help strengthen their IT security and improve employee productivity, but it will also help them better direct their investments. UEM gives you a bird's-eye view of your IT environment; it provides you with proper reporting capabilities, allowing you to make better business decisions, like whether you should purchase new hardware and software, renew applications, and more. With improved visibility, you can formulate a better IT management strategy—which leads to a better business. UEM facilitates better business decisions Usage stats come in handy when determining whether or not you have enough licenses for the commercial software used in your network. It's important to track things like the number of devices using each software, as well as the number of times each software is being used and for how long. If you discover that you're not actively using all the licenses you've purchased, you can save money by not renewing those extra licenses. Technical stuff When the key to all your devices is in one place, you need the right formula to ensure data security and safety. Patching and whitelisting should be your first steps of defense, which will help you avoid most cyberthreats. According to a study by research firm Voke Media, of the 318 companies examined, more than 80 percent of breaches occurred due to outdated operating systems and application patches that had been pending for over a year. Note In 2017, WannaCry ransomware wrecked havoc around the world, infecting hundreds of thousands of computers across the globe. This outbreak was traced back to a known vulnerability in Windows computers called EternalBlue, which WannaCry exploited. Companies that failed to patch EternalBlue after the WananaCry outbreak also faced the risk of Petya and NotPetya ransomware a few months later. Remember attention on other aspects of their jobs. UEM keeps endpoints up and running, which eliminates downtime and helps employees reach project deadlines without any technological hiccups. Technical stuff End of chapter 1 3 4
2018 has continued the trend of organizations improving employee productivity by providing them mobile devices, with smartphones, Chromebooks, and tablets already dominating work culture. Managing all these endpoints from one spot can be convenient, but only if the challenges surrounding endpoint management are handled in an effective way. This chapter introduces a few major challenges every IT department faces when moving towards a more mobile workforce. Each organization's culture varies from the next; likewise, the devices existing in an organization's environment differ for each department. Economics runs on the principle of supply and demand; successfully supplying a market's demands will result in profitable business. That philosophy can apply to IT department as well—if you supply your IT department with the tools they need to effectively perform tasks, you'll see more efficient work from their department, which will, in turn, free them up to work on other, more pressing matters. Mobile workforce Desktops, laptops, smartphones, tablets, and IoT devices all can be breached into one way or another if their security layers are not properly scrutinized. As more devices are added to an enterprise's network, the likelihood of that network falling victim to an attack increases. IT security begins with endpoints. Most high-alert security breaches are avoidable with secure and well guarded endpoints. Something to consider Chapter 2 Challenges in managing endpoints Remember 5 6
Many organizations are compiled of different devices ranging from old, outdated OSs like Windows XP to the more recent, like Chrome OS. Effectively securing all these devices in a central location marks a huge milestone for security professionals. Enterprises that fail to reach this milestone are still highly vulnerable to cyberattacks and zero-day exploits. Managing multiple architectures Each operating system comes with its own pros and cons; Windows comes with better developer compatibility, macOS offers designer harmony, and Linux excels with server adaptability. But it's the IT administrator who has to unify different operating systems—this is where an endpoint management tool comes in handy. Windows, macOS, and Linux management A UEM solution that supports multiple Linux distributions, with support for virtual machines and hypervisors, can facilitate server management. With support for both Windows and macOS, you'll feel simply tickled pink. Organizations often have many different third-party applications that require innovation and dependability. From business meeting software like Skype to document applications like Adobe, third-party application software has proven its worth for most enterprises. Managing all these different, complex, new, and obscure third-party applications from a single console can fix zero-day exploits and prevent remote code executions. Third-party application management Browsers are some of the most used third-party applications, making them one of the biggest doorways for an attacker to breach. Neglecting updates on these applications leaves attackers with an open door to your network. Fireball, an adware that took down browsers during July 2017, affected more than 250 million computers worldwide. With the right third-party application management procedure in place, this and similar outbreaks could've been avoided by updating the vulnerable browsers and deploying remote scripts to the machines for complicated threat or vulnerability handling. Android, iOS, and Windows device management A growing trend among enterprises is the adoption of a bring your own device (BYOD) policy. With users switching between public networks and corporate networks, securing the data stored on their BYOD devices from the tide of malware and man-in-the-middle attacks has never been more important. A unified endpoint management system can bring mobile devices running on Android, iOS, and Windows within your enterprise's management reach. With UEM, you can transfer confidential documents between employee devices, whitelist apps that can exist on your employees' devices, identify lost or stolen employee devices, and wipe corporate data in remote devices. Tip Gartner has stated "Through 2020, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year." When considering this projected statistic, the idea of ignoring patches and updates sounds downright irrational. In 2017, a string of major ransomware attacks, including WannaCry and NotPetya, exploited unpatched computers, resulting in billions of dollars in damages. And the infamous Meltdown and Spectre vulnerabilities from early 2018 places nearly every computer running a modern processor at risk, unless properly patched. These examples alone should be enough of a reason to strengthen your network security and begin deploying patches on time. Demand for proactive security It's highly unlikely that you'll be able to physically access all your network's devices for troubleshooting, especially with the growth enterprises experience each year. You need to be able to remotely troubleshoot systems, fulfill remote deployment requests, run scripts remotely, and other tasks from a central location, regardless of whether the devices are on a LAN or WAN. Remote troubleshooting keeps SLA resolutions times low by enabling multiple requests to be handled quickly. With proper remote control capabilities in place, enterprises can fix nearly any issue from anywhere. Handling user requests with remote deployment and troubleshooting IT security is a never-ending process. Efficient IT security requires effective handling of different ITSM and ITOM dependencies. You can either employ different procedures to handle this, or try using a product that has good integration capabilities. If you're able to look into tickets and resolve any IT operation-related issues from a single console, your productivity will improve, thereby reducing SLA resolution times. Single console for diversified IT security Resolving issues related to troubleshooting, deploying software to remote devices, and restarting or shutting down computers remotely, all from your ticket window, can be especially handy. You should also utilize one-click access to multiple device management capabilities and combine ITSM and ITOM together to get a complete ITIL implementation. Technical stuff Technical stuff Technical stuff End of chapter 2 7 8
Cyberattacks happen everywhere on a daily basis. How can you prevent data theft from ransomware, malware, or trojan attacks? What security measures can keep these threats at bay? This section will touch on some real-time malware prevention measures, which will work for future threats. The Common Vulnerabilities and Exposures (CVE) system recorded 14,712 vulnerabilities in 2017, and just three months into 2018, there have already been over 3,000 vulnerabilities recorded. Considering the number of vulnerabilities discovered every year, enterprises need to identify vulnerabilities in their environment and periodically patch to avoid foreseeable disasters caused by malware, ransomware, or remote code executions exploiting vulnerabilities. With diversified operating systems and applications, enterprises need to ensure all the different type of vulnerabilities are updated in a timely manner, with proper testing and approval status. But doing this manually is a never-ending and near-impossible task. This is where automated patch management comes in handy. Everything from detection, downloading, testing, and deploying patches—the entire patch management cycle—should be automated. Need for automated patch management Even after patching all your OSs and applications, you are still vulnerable to zero-day attacks, which are essentially impossible to predict and avoid. Automatic patching can resolve zero-day exploits as soon as a patch is made available. Remember While deploying patches can reduce the threat of cyberattacks, it can also become a headache for IT admins when vendors do not properly test the patches they release.Things like performance issues can crop up if a patch is hastily made available before its affects have been properly vetted. Should these problems arise, IT administrators need to be able to roll back ineffective patches once they're identified to reverse any changes that disrupt normal business functions. Rolling back patches Chapter 3 Avoiding ransomware, malware, and remote code execution 9 10
Intel released fixes for Meltdown and Spectre several days after the vulnerabilities were reported. These patches worked well on Meltdown, but Spectre's initial patch release resulted in negative impacts on performance, even causing some systems to crash. This is where rolling back patches comes in handy. Though most security procedures can be reinforced with proper patch management, there are certain security threats that require a more customized fix. Beyond application patching, there's still firewall configurations, user privilege management, and file and data management to consider. A single UEM solution can assist with this wide scope of unique security requests that threaten your network. Deploying customized configurations for unique security handling You can prevent unwanted adware and spyware by monitoring user devices, allowing those devices to only browse a limited set of websites and restricting their ability to browse websites outside of that whitelist. Fireball, for instance, could have been avoided if proper browser management was in place. Remember Redefining your firewall based on your enterprise's specific security needs can keep unwanted traffic out of your network. For example, the EternalBlue vulnerability was mitigated by blocking the vulnerable ports in network devices. Not all devices in your network should have access to all data. Defining user and group privileges can limit users' access to data, preventing data loss or theft. TipTechnical stuff Technical stuff End of chapter 3 11 12
Organizations are comprised of huge amount of data; keeping track of all this data by monitoring and securing it is an enormous task. To manage this data, you need to sort out inbound flow, storage location, duration of storage, protection, and security measures as well as classify available data and outbound flow. Finally, determining a data retention and deletion period will offer high-level support for data management. Data flows through corporate networks via the internet and can include email, chats, cloud storage, and sharing, as well as physical and internal means including USB devices and mapped network drives or network shares. With the right data filtering capabilities, organizations will retain only known, essential data inside their networks. Inbound and outbound data flow analysis Limit access to confidential documents by configuring your browsers to be restricted to specific websites, configuring your firewall to limit traffic flow, restricting and limiting your USB devices to avoid data transfer, and redefining user privileges. Once data enters an organization, it's the IT security team's responsibility to keep that data intact without allowing a breach or leak. With the right tools, you can identify the network loopholes attackers will exploit to breach your data. There are common and easy touch points for attackers, including unchanged passwords, weak passwords, downloadable mail attachments, BYOD devices, and unpatched or outdated applications. Effectively handling all these loopholes in a timely manner can help keep attackers at bay. Data management, protection, and security Identify unchanged user passwords and local user accounts that exist in a system; define file and folder permissions to limit users' scope of accessible documents. Configuring user and group restriction can also help with data protection and access. Chapter 4 Securing personal data and maintaining user privacy Tip Technical stuff 13 14
Information shared by end users is stored in computers and servers; this information is stored in different containers based on where the data is collected from, the type of data, and the need for the data that is collected. To gain control over data stored in computers and servers, data management officers must identify the amount and type of data entering their network, where it's stored, and how it exits the network. Practices like monitoring USB devices, firewalls, browsers, and mapped network drives can help you scrutinize this information and secure corporate data. Managing personal data on desktops Remote code execution can steal data from user machines; with proper security against vulnerabilities, enterprises can avoid remote code execution, as well as data theft. Something to think about In the realm of digital transformation, the world is experiencing major changes due to increased use of mobile and IoT devices. With enterprises moving toward more mobile workforces, keeping employee devices secured from cyberthreats is going to become more challenging and time-consuming. Enterprises who adopt a BYOD policy face greater difficulties surrounding mobile deice management, considering that personal data will undoubtable be stored on these devices. Managing personal data on mobile devices Defining role-based access control can help you hand pick which technicians can access which devices. Lost or stolen devices place corporate data at risk. With MDMin place, you can locate lost devices geographically and even keep sensitive data secure by remotely wiping corporate data on devices that can't be recovered. Remember Tip End of chapter 4 Proper management of mobile devices requires enterprises to differentiate between corporate and personal information. Beyond that, regardless of it's a BYOD or corporate-owned device, you should manage mobile applications, limit unwanted apps from accessing sensitive information by blacklisting them, identify devices that have been jail broken, and take mobile security actions immediately to avoid data theft. You can also make sharing emails and documents more secure with conditional Exchange access and content management capabilities. With the right MDM (or UEM) solution, enterprises can secure personal data on mobile devices. 15 16
Enterprise IT security can be maintained with healthy endpoints. To ensure your endpoints are safe and secure, you need to apply several industry-defined best practices, which will set the stage for proper endpoint security. With so many touch points, it's important to map the right security controls with the right tools. 1. Automated patch management Patching is a security procedure that every enterprise should practice to avoid unforseen vulnerabilities. With diversified operating systems and department-specific third-party applications existing inside your network, there's a good chance you could fall victim to a zero-day attack; with automated patching in place, these loopholes can be taken care of in a timely manner before an attacker can exploit them. 2. Script deployment Not all application issues can be dealt with using an automated patch management procedure; some issues have to be fixed by remotely deploying custom scripts to machines. Custom scripts give you an extra hand in support when regular patch management procedures aren't enough. 3. IT asset management With so many different computers, software, and devices existing inside your network, you to be able to see when a device enters or exits your network. With a bird's-eye view over your IT assets, you'll be able to approve and reject devices at a glance, based on their necessity. 4. User and group privilege management Not all users and groups require access to all documents; defining document privileges to a select number of users and groups can help keep data safe and avoid data loss through unknown sources. Role-based access control for mobile devices can limit data usage by technicians in BYOD devices. Chapter 5 Eight best practices for effective endpoint security Improve your enterprise's endpoint security by following these eight best practices: 17 18
5. Firewall and browser configuration Browsers are a primary entry point for data to flow into a network. Control browsers in a network by preventing users from visiting unknown or prohibited sites, which can help regulate what kind of data enters through browsers. Regulating browsers can also help prevent malware or adware from entering the network. Firewalls, on the other hand, can help control traffic in the network by defining the ports that are allowed for communications, which can prevent data flow through undefined firewalls. 6. BYOD device management With mobility and digital transformation driving the future of enterprise workplaces, employees are now using both laptops and smartphones for their day-to-day work routines. You need control over BYOD devices to properly handle personal and corporate data on these devices. 7. Mobile application management (MAM) Outdated mobile apps and inappropriate apps can cause chaos in an enterprise if their vulnerabilities are exploited by an attacker. With proper MAM procedures in place, you can offer security to users' mobile devices by blacklisting and whitelisting applications. Prohibit desktop applications or block unknown EXEs to avoid any possible remote code executions in the future. 8. Data management life cycle You should be able to identify data inside your network, at every point in the data management life cycle. This includes identifying the source of data, where it's being stored, how long it's stored, which protection layers it has, and how that data can leave the network. With constant warnings about idle user accounts, idle shared drives, unknown USB devices, and unrecognized software and hardware, you should feel ready to make sure endpoint security is on the right track. 19 20 End of chapter 5
A unified endpoint management solution can help your organization achieve all eight of these security best practices, and keep your endpoints safe. With so many vendors in the market offering similar capabilities and features, the tool you choose will depend on your enterprise's specific demands. ManageEngine Desktop Central is a unified endpoint management solution that can manage servers, laptops, desktops, smartphones, and tablets from one central location. Desktop Central supports endpoints running Windows, macOS, Linux, Android, and iOS, as well as over 300 third-party applications. Automate all your IT administration tasks with Desktop Central. ManageEngine's UEM solution Not ready to make the switch to UEM? Implement an enterprise mobility management solution like Mobile Device Manager Plus to make sure your mobile devices are secure. Mobile Device Manager Plus helps in managing Android, iOS, and Windows devices from one central location. This tool offers mobile device management, mobile application management, content management, remote wipe, GPS tracking, email management, containerization, device management, and more. Automate all your mobile device management tasks using Mobile Device Manager Plus. ManageEngine's EMM solution Try it now free for 30 days Try it now free for 30 days The answer is a UEM solution 21 22 Request for a demo Request for a demo
Giridhara Raam is a product expert and cybersecurity analyst at ManageEngine, a division of Zoho Corp. He works with endpoint management solutions, analyzing Desktop Central, Mobile Device Manager Plus, Patch Manager Plus and Patch Connect Plus. About Author He also immerses himself in cybersecurity research from an endpoint management context. He wrote an e-book on cybersecurity, entitled “Six best practices for escaping ransomware” and on GDPR, entitled “14 endpoint management features that can help you achieve & sustain GDPR compliance”. You can listen to his cybersecurity webinar on YouTube.

Recommended

report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the Enterprise
ADGP, Public Grivences, Bangalore
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions Roadmap
IBM Security
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and Reputation
IBM Security
 
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEXWIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
IJNSA Journal
 
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODEL
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODELSECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODEL
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODEL
IJCSEIT Journal
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
james morris
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 

Recommended

report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the Enterprise
ADGP, Public Grivences, Bangalore
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions Roadmap
IBM Security
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and Reputation
IBM Security
 
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEXWIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
IJNSA Journal
 
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODEL
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODELSECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODEL
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODEL
IJCSEIT Journal
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
james morris
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 
Business Logic Monitoring Primer
Business Logic Monitoring PrimerBusiness Logic Monitoring Primer
Business Logic Monitoring Primer
Rocco Magnotta
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
Elumalai Vasan
 
Security management concepts and principles
Security management concepts and principlesSecurity management concepts and principles
Security management concepts and principles
Divya Tiwari
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
IJMIT JOURNAL
 
Ijetr042329
Ijetr042329Ijetr042329
Ijetr042329
Engineering Research Publication
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
abe8512000
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
Icomm Technologies
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Kista watson summit final public version
Kista watson summit final public versionKista watson summit final public version
Kista watson summit final public version
IBM Sverige
 
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ijesajournal
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for Java
Tim Ellison
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
Security and Governance Strategies for the Consumerization of IT
Security and Governance Strategies for the Consumerization of ITSecurity and Governance Strategies for the Consumerization of IT
Security and Governance Strategies for the Consumerization of IT
Microsoft
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_HillDennis Hill
 
Atea erfa microsoft mobile security
Atea erfa microsoft mobile securityAtea erfa microsoft mobile security
Atea erfa microsoft mobile security
J Hartig
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a Science
Pankaj Rane
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
IBM Security
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
WGroup
 
Elements of cybersecurity
Elements of cybersecurityElements of cybersecurity
Elements of cybersecurity
SonaliG6
 
IBM Mobile devices Whitepaper
IBM Mobile devices WhitepaperIBM Mobile devices Whitepaper
IBM Mobile devices Whitepaper
Shetal Patel
 

More Related Content

What's hot

Business Logic Monitoring Primer
Business Logic Monitoring PrimerBusiness Logic Monitoring Primer
Business Logic Monitoring Primer
Rocco Magnotta
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
Elumalai Vasan
 
Security management concepts and principles
Security management concepts and principlesSecurity management concepts and principles
Security management concepts and principles
Divya Tiwari
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
IJMIT JOURNAL
 
Ijetr042329
Ijetr042329Ijetr042329
Ijetr042329
Engineering Research Publication
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
abe8512000
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
Icomm Technologies
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Kista watson summit final public version
Kista watson summit final public versionKista watson summit final public version
Kista watson summit final public version
IBM Sverige
 
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ijesajournal
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for Java
Tim Ellison
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
Security and Governance Strategies for the Consumerization of IT
Security and Governance Strategies for the Consumerization of ITSecurity and Governance Strategies for the Consumerization of IT
Security and Governance Strategies for the Consumerization of IT
Microsoft
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_HillDennis Hill
 
Atea erfa microsoft mobile security
Atea erfa microsoft mobile securityAtea erfa microsoft mobile security
Atea erfa microsoft mobile security
J Hartig
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a Science
Pankaj Rane
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
IBM Security
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
WGroup
 

What's hot (20)

Business Logic Monitoring Primer
Business Logic Monitoring PrimerBusiness Logic Monitoring Primer
Business Logic Monitoring Primer
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Security management concepts and principles
Security management concepts and principlesSecurity management concepts and principles
Security management concepts and principles
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
 
Ijetr042329
Ijetr042329Ijetr042329
Ijetr042329
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReport
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Kista watson summit final public version
Kista watson summit final public versionKista watson summit final public version
Kista watson summit final public version
 
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for Java
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
 
Security and Governance Strategies for the Consumerization of IT
Security and Governance Strategies for the Consumerization of ITSecurity and Governance Strategies for the Consumerization of IT
Security and Governance Strategies for the Consumerization of IT
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_Hill
 
Atea erfa microsoft mobile security
Atea erfa microsoft mobile securityAtea erfa microsoft mobile security
Atea erfa microsoft mobile security
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a Science
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
 

Similar to Why uem-is-the-key-to-enterprise-it-security

Elements of cybersecurity
Elements of cybersecurityElements of cybersecurity
Elements of cybersecurity
SonaliG6
 
IBM Mobile devices Whitepaper
IBM Mobile devices WhitepaperIBM Mobile devices Whitepaper
IBM Mobile devices Whitepaper
Shetal Patel
 
kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.Onwubiko Emmanuel
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
rtodd599
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
jeffsrosalyn
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterprise
infra-si
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
DMIMarketing
 
Take the First Steps Toward Endpoint Security Protection
Take the First Steps Toward Endpoint Security ProtectionTake the First Steps Toward Endpoint Security Protection
Take the First Steps Toward Endpoint Security Protection
VTECH SOLUTION
 
How endpoint security system works
How endpoint security system worksHow endpoint security system works
How endpoint security system works
IT AMC Support Dubai - Techno Edge Systems LLC
 
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdfFour Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Enterprise Insider
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityBob Guimarin
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
harman041
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization
Citrix
 
The Journey to Manage Endpoints Everywhere
The Journey to Manage Endpoints EverywhereThe Journey to Manage Endpoints Everywhere
The Journey to Manage Endpoints Everywhere
Insight
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)
Cisco Service Provider Mobility
 
Unified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile EnterpriseUnified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile Enterprise
Citrix
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
cuddietheresa
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
salmonpybus
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
InfinityGroup5
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Security
arms8586
 

Similar to Why uem-is-the-key-to-enterprise-it-security (20)

Elements of cybersecurity
Elements of cybersecurityElements of cybersecurity
Elements of cybersecurity
 
IBM Mobile devices Whitepaper
IBM Mobile devices WhitepaperIBM Mobile devices Whitepaper
IBM Mobile devices Whitepaper
 
kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterprise
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
Take the First Steps Toward Endpoint Security Protection
Take the First Steps Toward Endpoint Security ProtectionTake the First Steps Toward Endpoint Security Protection
Take the First Steps Toward Endpoint Security Protection
 
How endpoint security system works
How endpoint security system worksHow endpoint security system works
How endpoint security system works
 
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdfFour Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization
 
The Journey to Manage Endpoints Everywhere
The Journey to Manage Endpoints EverywhereThe Journey to Manage Endpoints Everywhere
The Journey to Manage Endpoints Everywhere
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)
 
Unified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile EnterpriseUnified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile Enterprise
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Security
 

More from CincoC

Curso python-para-principiantes
Curso python-para-principiantesCurso python-para-principiantes
Curso python-para-principiantes
CincoC
 
16 pf-preguntas
16 pf-preguntas16 pf-preguntas
16 pf-preguntas
CincoC
 
Giving directions wave
Giving directions waveGiving directions wave
Giving directions wave
CincoC
 
Saber electrónica
Saber electrónicaSaber electrónica
Saber electrónica
CincoC
 
Ejercicios plc
Ejercicios plcEjercicios plc
Ejercicios plc
CincoC
 
Arduino y labview
Arduino y labviewArduino y labview
Arduino y labview
CincoC
 
Microsoft azure pass how to
Microsoft azure pass how toMicrosoft azure pass how to
Microsoft azure pass how to
CincoC
 
Fuente sin transformador
Fuente sin transformadorFuente sin transformador
Fuente sin transformador
CincoC
 
Tutorial labview
Tutorial labviewTutorial labview
Tutorial labview
CincoC
 
Ejemplo gpib labview
Ejemplo gpib labviewEjemplo gpib labview
Ejemplo gpib labview
CincoC
 
Manual administracion riesgo
Manual administracion riesgoManual administracion riesgo
Manual administracion riesgo
CincoC
 
Romper clave elastix
Romper clave elastixRomper clave elastix
Romper clave elastix
CincoC
 
21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria
21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria
21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria
CincoC
 
Cliente servidor
Cliente servidorCliente servidor
Cliente servidorCincoC
 
Eficiencia en motores_electricos
Eficiencia en motores_electricosEficiencia en motores_electricos
Eficiencia en motores_electricosCincoC
 
Manual de-sql-2000-server
Manual de-sql-2000-serverManual de-sql-2000-server
Manual de-sql-2000-serverCincoC
 

More from CincoC (16)

Curso python-para-principiantes
Curso python-para-principiantesCurso python-para-principiantes
Curso python-para-principiantes
 
16 pf-preguntas
16 pf-preguntas16 pf-preguntas
16 pf-preguntas
 
Giving directions wave
Giving directions waveGiving directions wave
Giving directions wave
 
Saber electrónica
Saber electrónicaSaber electrónica
Saber electrónica
 
Ejercicios plc
Ejercicios plcEjercicios plc
Ejercicios plc
 
Arduino y labview
Arduino y labviewArduino y labview
Arduino y labview
 
Microsoft azure pass how to
Microsoft azure pass how toMicrosoft azure pass how to
Microsoft azure pass how to
 
Fuente sin transformador
Fuente sin transformadorFuente sin transformador
Fuente sin transformador
 
Tutorial labview
Tutorial labviewTutorial labview
Tutorial labview
 
Ejemplo gpib labview
Ejemplo gpib labviewEjemplo gpib labview
Ejemplo gpib labview
 
Manual administracion riesgo
Manual administracion riesgoManual administracion riesgo
Manual administracion riesgo
 
Romper clave elastix
Romper clave elastixRomper clave elastix
Romper clave elastix
 
21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria
21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria
21 riesgos-de-tecnologia-de-informacion-implicaciones-y-retos-para-la-auditoria
 
Cliente servidor
Cliente servidorCliente servidor
Cliente servidor
 
Eficiencia en motores_electricos
Eficiencia en motores_electricosEficiencia en motores_electricos
Eficiencia en motores_electricos
 
Manual de-sql-2000-server
Manual de-sql-2000-serverManual de-sql-2000-server
Manual de-sql-2000-server
 

Recently uploaded

The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
beazzy04
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Po-Chuan Chen
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
Anna Sz.
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 

Recently uploaded (20)

The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 

Why uem-is-the-key-to-enterprise-it-security

  • 1. Introduction Organizations around the world are moving towards more vigilance in enterprise security. According to Gartner, a leading IT research firm, businesses spent around $86.4 billion on information security (a subset of cybersecurity) in 2017, and that number is expected to hit $93 billion in 2018. Cybercrime research firm Cybersecurity Ventures has also predicted cybersecurity damages could reach $1 trillion between 2017 and 2021, and is expected to reach $6 trillion annually after 2021. Considering these damages, IDC, a market research firm, states that 70 percent of data breaches begin with endpoints; this illustrates the importance of securing and safeguarding your endpoints—from servers to remote mobile devices—to keep your network safe from cyberattacks and secure the data stored in those endpoints. This “Why UEM is the key to enterprise IT security?” introduces you to topics like effective unified endpoint management, overcoming endpoint management challenges, mitigating ransomware and malware, and securing personal data to achieve and sustain GDPR compliance. You'll learn how to manage a heterogeneous network from one central location. You'll also learn about some endpoint security best practices for keeping attackers at bay. In short, this book will assist you in effectively securing all your endpoints to keep your data and network safe. Why UEM is the key to enterprise IT security? Giridhara Raam Cybersecurity Analyst
  • 2. 1.1 UEM simplifies endpoint management 1.2 UEM drives seamless IT security 1.3 UEM improves productivity and keeps users happy 1.4 UEM facilitates better business decisions Table of contents Chapter 1 Understanding the compelling need for unified endpoint management (UEM) 2.1 Mobile workforce 2.2 Managing multiple architecture 2.3 Windows, macOS, and Linux management 2.4 Third-party application management 2.5 Android, iOS, and Windows device management 2.6 Demand for proactive security 2.7 Handling user requests with remote deployment and troubleshooting 2.8 Single console for diversified IT security Chapter 2 Challenges in managing endpoints 3.1 Need for automated patch management 3.2 Rolling back patches 3.3 Deploying customized configurations for unique security handling Chapter 3 Avoiding ransomware, malware, and remote code executions 4.1 Inbound and outbound data flow analysis 4.2 Data management, protection, and security 4.3 Managing personal data on desktops 4.4 Managing personal data on mobile devices Chapter 4 Securing personal data and maintaining user privacy 5.1 Automated patch management 5.2 Script deployment 5.3 IT asset management 5.4 User and group privilege management 5.5 Firewall and browser configuration 5.6 Demand for proactive security 5.7 BYOD device management 5.8 Mobile application management (MAM) 5.9 Data management life cycle Chapter 5 Eight best practices for effective endpoint security
  • 3. Thanks to advances in enterprise mobility, employees often use two devices for their official work-related operations. Research firm Enterprise Management Associates states, "roughly half of all workers use [...] both a mobile device and a PC in considering a typical day at [the] office." Unified endpoint management (UEM) is an IT management technique that typically takes existing mobile device management (MDM) practices and adds other devices, like desktops and laptops, into a consolidated management scope. Effective (UEM) practices can help you take care of all the devices existing both inside and outside your network, all from one location. With new advances in technology emerging each day, the importance of keeping your network devices secure continues to grow exponentially every year; with proper unified endpoint management, you can tackle this never-ending responsibility with confidence. Many organizations' IT environments are compiled of machines in varying departments that work on different operating systems and have their own applications and security configurations. Depending on the demands of each department, a system will have varying levels of security risks associated with it. For example, the HR department may only work with a few applications, but the product development teams will use multiple tools and applications that not only require constant updates, but must stay up and running to facilitate productivity throughout the entire enterprise. Whether your enterprise is running a single operating system or a combination of several different ones, adopting a UEM solution can provide cut costs, bolstered productivity, and centralized management. Currently the scope of endpoint management covers servers, desktops, laptops, smartphones, tablets, and Internet of Things (IoT) devices. A UEM solution can simplify how these various endpoints are managed and secure all heterogeneous user devices from one central location. With all that said, effective endpoint management, when looped into your existing IT service management (ITSM) and IT operations management (ITOM) practices, can produce impressive results. UEM simplifies endpoint management Chapter 1 Understanding the compelling need for unified endpoint management (UEM) 1 2
  • 4. The same study found that 27 percent of surveyed companies reported a failed audit in the prior 18 months, of which 81 percent could have been prevented with a patch or configuration change. Similarly, 26 percent reported a breach, of which 79 percent could have been prevented by those same two measures. Users are constantly making changes to information through their devices, whether it's on laptops or smartphones. In this era of evolving IT environments, you need firm control over user devices, regardless of their location. Most cyberattacks exploiting operating system and application vulnerabilities can be avoided by deploying patches over the internet, without waiting for remote devices to reach your enterprise network. Patching, combined with flexible configurations and deployment capabilities, will drive seamless security for your network. UEM drives seamless IT security With all the applications and operating systems that are updated and monitored centrally, users will spend less time concentrating on application level security, allowing them to focus their UEM improves productivity and keeps users happy Regardless of the number of endpoints checking in and out of your network each day, you're responsible for keeping your security gateways safe from intruders. Managing a heterogeneous environment by deploying security configurations for applications, firewalls, browsers, and hardware can reduce security risks exponentially. For instance, a simple firewall configuration to disable SMBv1 and port 445 could have prevented the EternalBlue exploit, leaving WannaCry stuck within a single, infected system. Understanding user behavior will not only help business decision makers formulate strategies that will help strengthen their IT security and improve employee productivity, but it will also help them better direct their investments. UEM gives you a bird's-eye view of your IT environment; it provides you with proper reporting capabilities, allowing you to make better business decisions, like whether you should purchase new hardware and software, renew applications, and more. With improved visibility, you can formulate a better IT management strategy—which leads to a better business. UEM facilitates better business decisions Usage stats come in handy when determining whether or not you have enough licenses for the commercial software used in your network. It's important to track things like the number of devices using each software, as well as the number of times each software is being used and for how long. If you discover that you're not actively using all the licenses you've purchased, you can save money by not renewing those extra licenses. Technical stuff When the key to all your devices is in one place, you need the right formula to ensure data security and safety. Patching and whitelisting should be your first steps of defense, which will help you avoid most cyberthreats. According to a study by research firm Voke Media, of the 318 companies examined, more than 80 percent of breaches occurred due to outdated operating systems and application patches that had been pending for over a year. Note In 2017, WannaCry ransomware wrecked havoc around the world, infecting hundreds of thousands of computers across the globe. This outbreak was traced back to a known vulnerability in Windows computers called EternalBlue, which WannaCry exploited. Companies that failed to patch EternalBlue after the WananaCry outbreak also faced the risk of Petya and NotPetya ransomware a few months later. Remember attention on other aspects of their jobs. UEM keeps endpoints up and running, which eliminates downtime and helps employees reach project deadlines without any technological hiccups. Technical stuff End of chapter 1 3 4
  • 5. 2018 has continued the trend of organizations improving employee productivity by providing them mobile devices, with smartphones, Chromebooks, and tablets already dominating work culture. Managing all these endpoints from one spot can be convenient, but only if the challenges surrounding endpoint management are handled in an effective way. This chapter introduces a few major challenges every IT department faces when moving towards a more mobile workforce. Each organization's culture varies from the next; likewise, the devices existing in an organization's environment differ for each department. Economics runs on the principle of supply and demand; successfully supplying a market's demands will result in profitable business. That philosophy can apply to IT department as well—if you supply your IT department with the tools they need to effectively perform tasks, you'll see more efficient work from their department, which will, in turn, free them up to work on other, more pressing matters. Mobile workforce Desktops, laptops, smartphones, tablets, and IoT devices all can be breached into one way or another if their security layers are not properly scrutinized. As more devices are added to an enterprise's network, the likelihood of that network falling victim to an attack increases. IT security begins with endpoints. Most high-alert security breaches are avoidable with secure and well guarded endpoints. Something to consider Chapter 2 Challenges in managing endpoints Remember 5 6
  • 6. Many organizations are compiled of different devices ranging from old, outdated OSs like Windows XP to the more recent, like Chrome OS. Effectively securing all these devices in a central location marks a huge milestone for security professionals. Enterprises that fail to reach this milestone are still highly vulnerable to cyberattacks and zero-day exploits. Managing multiple architectures Each operating system comes with its own pros and cons; Windows comes with better developer compatibility, macOS offers designer harmony, and Linux excels with server adaptability. But it's the IT administrator who has to unify different operating systems—this is where an endpoint management tool comes in handy. Windows, macOS, and Linux management A UEM solution that supports multiple Linux distributions, with support for virtual machines and hypervisors, can facilitate server management. With support for both Windows and macOS, you'll feel simply tickled pink. Organizations often have many different third-party applications that require innovation and dependability. From business meeting software like Skype to document applications like Adobe, third-party application software has proven its worth for most enterprises. Managing all these different, complex, new, and obscure third-party applications from a single console can fix zero-day exploits and prevent remote code executions. Third-party application management Browsers are some of the most used third-party applications, making them one of the biggest doorways for an attacker to breach. Neglecting updates on these applications leaves attackers with an open door to your network. Fireball, an adware that took down browsers during July 2017, affected more than 250 million computers worldwide. With the right third-party application management procedure in place, this and similar outbreaks could've been avoided by updating the vulnerable browsers and deploying remote scripts to the machines for complicated threat or vulnerability handling. Android, iOS, and Windows device management A growing trend among enterprises is the adoption of a bring your own device (BYOD) policy. With users switching between public networks and corporate networks, securing the data stored on their BYOD devices from the tide of malware and man-in-the-middle attacks has never been more important. A unified endpoint management system can bring mobile devices running on Android, iOS, and Windows within your enterprise's management reach. With UEM, you can transfer confidential documents between employee devices, whitelist apps that can exist on your employees' devices, identify lost or stolen employee devices, and wipe corporate data in remote devices. Tip Gartner has stated "Through 2020, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year." When considering this projected statistic, the idea of ignoring patches and updates sounds downright irrational. In 2017, a string of major ransomware attacks, including WannaCry and NotPetya, exploited unpatched computers, resulting in billions of dollars in damages. And the infamous Meltdown and Spectre vulnerabilities from early 2018 places nearly every computer running a modern processor at risk, unless properly patched. These examples alone should be enough of a reason to strengthen your network security and begin deploying patches on time. Demand for proactive security It's highly unlikely that you'll be able to physically access all your network's devices for troubleshooting, especially with the growth enterprises experience each year. You need to be able to remotely troubleshoot systems, fulfill remote deployment requests, run scripts remotely, and other tasks from a central location, regardless of whether the devices are on a LAN or WAN. Remote troubleshooting keeps SLA resolutions times low by enabling multiple requests to be handled quickly. With proper remote control capabilities in place, enterprises can fix nearly any issue from anywhere. Handling user requests with remote deployment and troubleshooting IT security is a never-ending process. Efficient IT security requires effective handling of different ITSM and ITOM dependencies. You can either employ different procedures to handle this, or try using a product that has good integration capabilities. If you're able to look into tickets and resolve any IT operation-related issues from a single console, your productivity will improve, thereby reducing SLA resolution times. Single console for diversified IT security Resolving issues related to troubleshooting, deploying software to remote devices, and restarting or shutting down computers remotely, all from your ticket window, can be especially handy. You should also utilize one-click access to multiple device management capabilities and combine ITSM and ITOM together to get a complete ITIL implementation. Technical stuff Technical stuff Technical stuff End of chapter 2 7 8
  • 7. Cyberattacks happen everywhere on a daily basis. How can you prevent data theft from ransomware, malware, or trojan attacks? What security measures can keep these threats at bay? This section will touch on some real-time malware prevention measures, which will work for future threats. The Common Vulnerabilities and Exposures (CVE) system recorded 14,712 vulnerabilities in 2017, and just three months into 2018, there have already been over 3,000 vulnerabilities recorded. Considering the number of vulnerabilities discovered every year, enterprises need to identify vulnerabilities in their environment and periodically patch to avoid foreseeable disasters caused by malware, ransomware, or remote code executions exploiting vulnerabilities. With diversified operating systems and applications, enterprises need to ensure all the different type of vulnerabilities are updated in a timely manner, with proper testing and approval status. But doing this manually is a never-ending and near-impossible task. This is where automated patch management comes in handy. Everything from detection, downloading, testing, and deploying patches—the entire patch management cycle—should be automated. Need for automated patch management Even after patching all your OSs and applications, you are still vulnerable to zero-day attacks, which are essentially impossible to predict and avoid. Automatic patching can resolve zero-day exploits as soon as a patch is made available. Remember While deploying patches can reduce the threat of cyberattacks, it can also become a headache for IT admins when vendors do not properly test the patches they release.Things like performance issues can crop up if a patch is hastily made available before its affects have been properly vetted. Should these problems arise, IT administrators need to be able to roll back ineffective patches once they're identified to reverse any changes that disrupt normal business functions. Rolling back patches Chapter 3 Avoiding ransomware, malware, and remote code execution 9 10
  • 8. Intel released fixes for Meltdown and Spectre several days after the vulnerabilities were reported. These patches worked well on Meltdown, but Spectre's initial patch release resulted in negative impacts on performance, even causing some systems to crash. This is where rolling back patches comes in handy. Though most security procedures can be reinforced with proper patch management, there are certain security threats that require a more customized fix. Beyond application patching, there's still firewall configurations, user privilege management, and file and data management to consider. A single UEM solution can assist with this wide scope of unique security requests that threaten your network. Deploying customized configurations for unique security handling You can prevent unwanted adware and spyware by monitoring user devices, allowing those devices to only browse a limited set of websites and restricting their ability to browse websites outside of that whitelist. Fireball, for instance, could have been avoided if proper browser management was in place. Remember Redefining your firewall based on your enterprise's specific security needs can keep unwanted traffic out of your network. For example, the EternalBlue vulnerability was mitigated by blocking the vulnerable ports in network devices. Not all devices in your network should have access to all data. Defining user and group privileges can limit users' access to data, preventing data loss or theft. TipTechnical stuff Technical stuff End of chapter 3 11 12
  • 9. Organizations are comprised of huge amount of data; keeping track of all this data by monitoring and securing it is an enormous task. To manage this data, you need to sort out inbound flow, storage location, duration of storage, protection, and security measures as well as classify available data and outbound flow. Finally, determining a data retention and deletion period will offer high-level support for data management. Data flows through corporate networks via the internet and can include email, chats, cloud storage, and sharing, as well as physical and internal means including USB devices and mapped network drives or network shares. With the right data filtering capabilities, organizations will retain only known, essential data inside their networks. Inbound and outbound data flow analysis Limit access to confidential documents by configuring your browsers to be restricted to specific websites, configuring your firewall to limit traffic flow, restricting and limiting your USB devices to avoid data transfer, and redefining user privileges. Once data enters an organization, it's the IT security team's responsibility to keep that data intact without allowing a breach or leak. With the right tools, you can identify the network loopholes attackers will exploit to breach your data. There are common and easy touch points for attackers, including unchanged passwords, weak passwords, downloadable mail attachments, BYOD devices, and unpatched or outdated applications. Effectively handling all these loopholes in a timely manner can help keep attackers at bay. Data management, protection, and security Identify unchanged user passwords and local user accounts that exist in a system; define file and folder permissions to limit users' scope of accessible documents. Configuring user and group restriction can also help with data protection and access. Chapter 4 Securing personal data and maintaining user privacy Tip Technical stuff 13 14
  • 10. Information shared by end users is stored in computers and servers; this information is stored in different containers based on where the data is collected from, the type of data, and the need for the data that is collected. To gain control over data stored in computers and servers, data management officers must identify the amount and type of data entering their network, where it's stored, and how it exits the network. Practices like monitoring USB devices, firewalls, browsers, and mapped network drives can help you scrutinize this information and secure corporate data. Managing personal data on desktops Remote code execution can steal data from user machines; with proper security against vulnerabilities, enterprises can avoid remote code execution, as well as data theft. Something to think about In the realm of digital transformation, the world is experiencing major changes due to increased use of mobile and IoT devices. With enterprises moving toward more mobile workforces, keeping employee devices secured from cyberthreats is going to become more challenging and time-consuming. Enterprises who adopt a BYOD policy face greater difficulties surrounding mobile deice management, considering that personal data will undoubtable be stored on these devices. Managing personal data on mobile devices Defining role-based access control can help you hand pick which technicians can access which devices. Lost or stolen devices place corporate data at risk. With MDMin place, you can locate lost devices geographically and even keep sensitive data secure by remotely wiping corporate data on devices that can't be recovered. Remember Tip End of chapter 4 Proper management of mobile devices requires enterprises to differentiate between corporate and personal information. Beyond that, regardless of it's a BYOD or corporate-owned device, you should manage mobile applications, limit unwanted apps from accessing sensitive information by blacklisting them, identify devices that have been jail broken, and take mobile security actions immediately to avoid data theft. You can also make sharing emails and documents more secure with conditional Exchange access and content management capabilities. With the right MDM (or UEM) solution, enterprises can secure personal data on mobile devices. 15 16
  • 11. Enterprise IT security can be maintained with healthy endpoints. To ensure your endpoints are safe and secure, you need to apply several industry-defined best practices, which will set the stage for proper endpoint security. With so many touch points, it's important to map the right security controls with the right tools. 1. Automated patch management Patching is a security procedure that every enterprise should practice to avoid unforseen vulnerabilities. With diversified operating systems and department-specific third-party applications existing inside your network, there's a good chance you could fall victim to a zero-day attack; with automated patching in place, these loopholes can be taken care of in a timely manner before an attacker can exploit them. 2. Script deployment Not all application issues can be dealt with using an automated patch management procedure; some issues have to be fixed by remotely deploying custom scripts to machines. Custom scripts give you an extra hand in support when regular patch management procedures aren't enough. 3. IT asset management With so many different computers, software, and devices existing inside your network, you to be able to see when a device enters or exits your network. With a bird's-eye view over your IT assets, you'll be able to approve and reject devices at a glance, based on their necessity. 4. User and group privilege management Not all users and groups require access to all documents; defining document privileges to a select number of users and groups can help keep data safe and avoid data loss through unknown sources. Role-based access control for mobile devices can limit data usage by technicians in BYOD devices. Chapter 5 Eight best practices for effective endpoint security Improve your enterprise's endpoint security by following these eight best practices: 17 18
  • 12. 5. Firewall and browser configuration Browsers are a primary entry point for data to flow into a network. Control browsers in a network by preventing users from visiting unknown or prohibited sites, which can help regulate what kind of data enters through browsers. Regulating browsers can also help prevent malware or adware from entering the network. Firewalls, on the other hand, can help control traffic in the network by defining the ports that are allowed for communications, which can prevent data flow through undefined firewalls. 6. BYOD device management With mobility and digital transformation driving the future of enterprise workplaces, employees are now using both laptops and smartphones for their day-to-day work routines. You need control over BYOD devices to properly handle personal and corporate data on these devices. 7. Mobile application management (MAM) Outdated mobile apps and inappropriate apps can cause chaos in an enterprise if their vulnerabilities are exploited by an attacker. With proper MAM procedures in place, you can offer security to users' mobile devices by blacklisting and whitelisting applications. Prohibit desktop applications or block unknown EXEs to avoid any possible remote code executions in the future. 8. Data management life cycle You should be able to identify data inside your network, at every point in the data management life cycle. This includes identifying the source of data, where it's being stored, how long it's stored, which protection layers it has, and how that data can leave the network. With constant warnings about idle user accounts, idle shared drives, unknown USB devices, and unrecognized software and hardware, you should feel ready to make sure endpoint security is on the right track. 19 20 End of chapter 5
  • 13. A unified endpoint management solution can help your organization achieve all eight of these security best practices, and keep your endpoints safe. With so many vendors in the market offering similar capabilities and features, the tool you choose will depend on your enterprise's specific demands. ManageEngine Desktop Central is a unified endpoint management solution that can manage servers, laptops, desktops, smartphones, and tablets from one central location. Desktop Central supports endpoints running Windows, macOS, Linux, Android, and iOS, as well as over 300 third-party applications. Automate all your IT administration tasks with Desktop Central. ManageEngine's UEM solution Not ready to make the switch to UEM? Implement an enterprise mobility management solution like Mobile Device Manager Plus to make sure your mobile devices are secure. Mobile Device Manager Plus helps in managing Android, iOS, and Windows devices from one central location. This tool offers mobile device management, mobile application management, content management, remote wipe, GPS tracking, email management, containerization, device management, and more. Automate all your mobile device management tasks using Mobile Device Manager Plus. ManageEngine's EMM solution Try it now free for 30 days Try it now free for 30 days The answer is a UEM solution 21 22 Request for a demo Request for a demo
  • 14. Giridhara Raam is a product expert and cybersecurity analyst at ManageEngine, a division of Zoho Corp. He works with endpoint management solutions, analyzing Desktop Central, Mobile Device Manager Plus, Patch Manager Plus and Patch Connect Plus. About Author He also immerses himself in cybersecurity research from an endpoint management context. He wrote an e-book on cybersecurity, entitled “Six best practices for escaping ransomware” and on GDPR, entitled “14 endpoint management features that can help you achieve & sustain GDPR compliance”. You can listen to his cybersecurity webinar on YouTube.