Endpoint Protection
In today's economy balancing ease of doing business with
endpoint security is a challenge. With the emergence of consumer
technology in the workplace, social networking, Web 2.0
technologies and increasingly sophisticated cyber criminals,
securing your endpoints is an uphill battle.
How it Works
1. Discover: Scan for and remove
all known malware to establish a clean environment. Identify all
executable files, collect profiles and organize into pre-defined
file groups.
2. Implement: Assign permissions
for applications to run based on executable, user, or user group
attributes; use an application whitelist approach to ensure that
only authorized and trusted applications can run on endpoints.
Continue blocking known malware and use behavioral analysis tools
to assess new unknown code which may or may not be legitimate.
3. Monitor: Monitor the
effectiveness of endpoint security policies in real time; identify
potential threats by logging all application execution attempts and
recording all policy changes and administrator activities. Maintain
ongoing antivirus scanning to identify and remove any "dead
malware" that, although prevented by application control, is still
present on endpoints.
4. Report: Demonstrate policy
compliance and ensure software license compliance by drilling down
on suspicious behavior for security or legal follow-up. Report on
malware prevention and remediation, on behavior of unknown or
suspicious code, and on current threat levels.
