Tuesday, July 11, 2006

End Point Security

Endpoint security is a critical element to an information security policy.

--Consider an investment in extra hardware and software beyond the security package itself.
--Think less about internal routing and firewalling and more about individuals and clients, nodes and endpoints.
--Visitor isolation is absolutely necessary and a big benefit of endpoint security.
--Be wary of bleeding-edge, proprietary technologies. However, leading-edge technology can benefit the organization.
--Endpoint security requires active user involvement, at least to the point of responding when a pop-up comes on the screen informing the user that his laptop is quarantined until he upgrades his virus definitions or turns on his laptop's personal firewall.

In my opinion, the key to effective end point security is less on technology, although some is certainly required, and more on human behavior.

No comments: