Insync Tech Talk, Security | 2021/01/25 at 9:25am

Your devices are an entry point for hackers: it’s time to pull up the metaphorical drawbridge

In our recent article “Why you need to protect employee identities in order to secure your organisation”, we delved into identity management. Another core pillar integral to a robust security strategy is device management.

According to the Australian Cyber Security Centre’s Annual Cyber Threat Report, ransomware has become “one of the most significant cyber threats facing the operation of private sector organisations.” With the rise of ransomware and malware, taking measures to shore up your first line of defence has become a critical activity for any organisation, regardless of industry or sector.

 

What does good device management look like and why do we need it?

Device management is important because, in layman’s terms, it gives you endpoint protection and remediation. On the most basic level, this means ensuring all devices used by your employees have appropriate anti-virus protection installed.

“Anti-virus is one small component of device management; to really secure endpoints you also need to set and enforce clear policies,” says Ross Newton, Senior Consultant, Insync Technology.

The policies Ross refers to include configuring your Microsoft environment to maintain good mail and file hygiene and prevent attacks via defined spam filters.

“The first thing to do is make sure you are running a modern endpoint. For Insync and our customers, this means running in Windows 10 and nothing else. The most recent software has the strongest security capability and offers a variety of tools to assist with device management,” adds Ross.

 

Check the resources available in your armoury

Microsoft 365 offers an array of built-in functionality to strengthen your defences. This includes Mobile Device Management (MDM) tools like Microsoft Intune and Endpoint Manager.

“When correctly configured, Intune and Endpoint Manager provide visibility across your organisation and can identify threats or system health issues as, if not before, they happen. This does require some thought and skill to set up but it is worth the investment. By setting controls aligned with your policies you can push the configuration out to the endpoint and validate its state: is it healthy or not?” explains Ross.

Other secret weapons in the Microsoft 365 armoury include Microsoft Defender, a built-in anti-virus solution that ties in with the Microsoft cloud protection suite. The intelligent software uses pre-set and configurable metrics to signal into a cloud-based endpoint manager and, if a virus or malware appears, it automatically detects it and locks down the device to prevent access and control the damage.

“Device management is not as simple as it once was; these days there’s a lot more to it than just installing an AV solution. When we onboard devices, we generally need to do some work around policy translating and updating. Sometimes there might be multiple MDM or group policies and this needs to be configured into Intune. In doing this, we can guarantee visibility across all endpoints, Windows devices and mobiles, within a corporate environment,” adds Ross.

 

Not securing your devices is akin to unlocking the front door and leaving it open

Failure to secure your devices can result in a number of unpleasant scenarios. These scenarios are further heightened by sloppy security across the board, but according to Ross, either way the risks are endless.

“If you don’t have visibility of your devices, you are opening yourself up to malware and ransomware getting access to your resources, your data and all of your IP. Once malware is on a device, hackers can start harvesting credentials, send these out and suddenly you have multiple unknown users able to access your commercial information,” says Ross.

By focusing on device management as part of your holistic security strategy, you can ensure your endpoints are protected and you can prevent the entire nightmare from ever unravelling.

“With the basics bedded down, you can then focus on things like email hygiene. Do you have the right filters in place, have you got the anti-spam and malware settings correctly configured?” adds Ross.

 

Just one piece of the puzzle

Whilst device management can be implemented independently, it is most effective when looked at in alignment with identity management.

“The more you implement, the more cross-signalling you get, the more secure your organisation is. One product or policy can feed signals and metrics into another product to give you a more holistic view of what is happening. Plus, if malware succeeds in running, and a device is infected, this will trigger the connected identities to become locked down and protected. Basically, the greater the level of integration between the two, the more protected you are,” says Ross.

As with many functionalities within the Microsoft 365 environment, whilst the capability exists, it needs to be configured and activated. When starting with a blank canvas, it can be difficult to know where to start.

“It’s a blank canvas to start with, not turned on, not enforced. In order to be effective, you need to configure your device management from scratch. It’s logical really to seek advice from people who specialise in this configuration,” concludes Ross.

How secure are your devices? Find out how Insync can help level up your security and protect your IT investment. Contact the team today.