everyone welcome back to intermediate endpoint Security course. In this model, I'm going to talk about management control, off endpoint devices, and in this lesson in particular, I'm going to focus on what do you need to manage in orderto do some successful
And also, why do you need the management? So let's focus first on this
So you need management because it's the only way to uphold to define policies.
That means that you have defined something that has to be part off every devices sick endpoint devices, security in your network.
You need to manage it, meaning you have to be able to look at these devices remotely and find out if these things are actually present on these devices. For example, if you're using anti virus, you need to see if anti wires is installed. Why? Well, you installed it once,
maybe somebody has uninstalled. It may be a user that doesn't know a lot about
things like firewalls are blocking
unwanted programs to run,
wanted to install something, and then they got the message from the anti wire software that is blocking its installation. And they asked somebody and that somebody is how it's anti wires you have turn install it. And because that user had the administrator player privileges on his account PC,
he was able to install anti virus software.
And then because anti virus operas uninstalled though that PC is no longer protected by virus, is the only way to do it is to have some kind of management software management that will check on this and see if these things were done.
the second, the reason why you need management is to be able to look at all the endpoint devices installed on the network, for example, all the PC's on the network
and notice if some of these devices that are connected to a natural don't actually have a right to do that. So, for example, you have, ah WiFi company y fine in your office space? No. And people. Usually they connect to the world cable that is under desks, but sometimes they go toe
some kind of meeting room local meeting room,
and then they have to use the WiFi.
And then you have a problem, because if somebody else has found a way to use that by five, connect to your network. You at least have to see that there is some unauthorized sitting inside your network because if they are inside your network, taking and do a lot of things
and just remember for them to connect to your wife had they just need to know the password.
And the third reason why you need management is to handle changes that arise in the process of business development. So, for example, you have to push Tual devices. Some, um, software. You need some kind of management tool to do that. Also,
I found out that your current password policy is not okay. You have to push that policy down to every PC so that users have to change their passwords and, for example, instead of eight characters used well,
So what needs to be even managed? You need to manage hardware, so not only to manage harder from a security perspective. But you need to actually manage configurations of devices because maybe somebody has stolen some memory from their desktop or PC or laptop
or, ah, they have installed additional hard drive, which is, for example, not encrypted or stuff like that.
You have to manage off operating system settings. You have to be sure that operating system is up to date.
Then you have to manage all the suffering that installed in devices not only from security perspective but also to keep your company from being liable. For example, if somebody installs
Pirated softer than it doesn't matter that that person did, the company can still be find in some countries or just taken to court in pretty much every country.
And also you have to manage behavior users in terms off if they're constantly doing one thing, and then suddenly there PC starts looking at some other spit places inside the network. That may be a sign that somebody has actually taken over that BC, and is doing things that they're not supposed to.
And also you have to manage their passwords. As I said, you have to manage. How
long is the minimal password? Is it changed often enough and stuff like that?
Okay, so let's let's talk about managing harder. So the first thing, as I mentioned, is harder supposed to be allowed on the network
and there are two ways to do it. You. One thing is just to look reactively and see if something is there or to make some the
let's say, stoppings stop signs that will not allow
any device. It has not been configured and equipped with some agent software tools
to log on to corporate network it also. For example, if you're logging on a WiFi, if you don't have the tool,
uh, life, I will simply not like you again,
although you have password on and the second thing is to see, bias is set up according to policies, so bars is below the operating system, and this is an issue big issue because
you don't usually check these things. But, for example, the bias is not set bias Password is not set. Then somebody can change in a bio. Some restrictions. The typical restriction would be that the Wise will not accept USB
memory flash drives so it will accept he was being mows. It will accept USB keyboard USB had set
but not USB memory device because that can in fact, the PC. So if somebody has access bios and change these things, then you have a problem
and the best possible way would be if you have the software and tools to automatically implement all the policies, then you don't have to worry. Once the user is connected to the agent. Inside, it runs the automatic in plantation.
So regarding operating system settings, you have to establish remote connection policy. The best one would be that whenever a user is outside the corporate network, they have to first connect to VPN before they can do anything. Then you have to manage User writes the most.
The smartest thing is not to allow users toe have admin privileges on their PC.
You have to go manager the way they're logging on the onto system. You have too many blocking files and the account policies regarding, for example, email accounts and similar stuff.
The whole thing about operating system settings and and managing operating system is a subject two completely different course. But what I said here is enough for you to have the idea what what needs to be managed.
So we have finished with new things in our circle back and check on what you have learned. Question is what is not the subject of endpoint management. So is it our operating system settings? Is it BYO settings, or is it driver settings. Correct answer is
driver settings, and they said the operating system settings by settings. This is a thing that you should always take care of and manage it driver settings, thistles, something completely different.
So in this video, you have learned about what needs to be managed for security purposes on point devices, and why do you need to manage these things and your next lesson? We're going to continue with some of these topics in detail.