Users love to have Internet access, and most of the time that’s not a bad thing. They can do research, check out customers and competitors or find sample code or examples of solutions that they can implement to solve your business’ challenges. They can even take a quick mental break and look something up just for fun, as long as they don’t let it hurt productivity, and as a sysadmin you’re probably fine with that. But then someone goes and hits a compromised website, or downloads some inappropriate content or an infected file, and suddenly you have to play the role of Internet cop, and start locking things down.
You deploy Internet monitoring software, and probably find out a little bit more about some of your users’ interests than you really needed to know about. And while that is protecting your users from compromised websites and malware downloads, it unfortunately also leads to having to take steps to ensure that the Internet is being used for work appropriate things, rather than after hours appropriate things. You start having to block sites. And that seems to go well for a while too, but then you start to deal with an increasing number of infected machines. But how is this happening when you have Internet monitoring in place?
A little digging, a little questioning, maybe even a little cajoling, and you find out that users are no longer using your filtered Internet connection. They are tethering their mobile phones or plugging in little USB cellular modems and using their data plans to circumvent the protections you put into place! Now what are you supposed to do?
This is where endpoint security comes to the rescue. USB devices can present any number of security risks, from malware stored on portable drives, to enabling mass data exfiltration, to enabling users to bypass the web filtering software by using their mobile phones and USB cellular modems. With endpoint protection, you can control what users can, and cannot, connect to their workstations. You can report on what is being connected and by whom, and then create both whitelists and blacklists to control just what is and is not allowed on company resources. You can allow USB keyboards and mice; even storage if appropriate. Better still, you can enforce encryption on that removable storage so that thumb drives and external hard drives don’t become the source of the data loss that lands your company as the lead story on the nightly news.
Using endpoint security is not only a great way to enhance your overall security, it helps to ensure that users don’t inappropriately bypass your web filtering solution. Combining web filtering with endpoint security makes sense for any company looking to deploy a layered defense and ensure that they are protecting their users, their customers and their corporate resources as thoroughly as they can.