Endpoints are physical objects that are touched most frequently by users in an information security system, both domestically and overseas. You can access companies’ confidential information, and such information is often stored on an endpoint.
In general, when malware starts acting, it does so in an endpoint. A series of actions such as intrusion, execution of an unauthorized program, and infection are carried out within the endpoint.
In line with these facts, best practice for endpoint security in the zero trust model should be as follows:
① Detection and management of all devices connected to a network
② Application of the latest OS, security software, and security patches
③ Minimization of user privileges
④ Periodic detection and modification of vulnerabilities
⑤ Swift modification of lost or infected devices
The most important point when introducing endpoint security is to cover all the devices you are using and incorporate them under management. Then, take security measures suitable for the organization’s security policy and make periodic improvements to maintain the optimal security level.