Digestible IT Bites

Device Protection

Written by Stefan Koch | 07.02.2024 11:26:29

In this part of our business communication security series we will take a look at device protection. It lies in the nature of the topic to be vastly more complex than most of the other disciplines. Apparently, it totally depends on the perspective. Corporates have much different and more extensive requirements compared to a private user.

Despite of the fact that this topic simply can't be covered in a short article, we will take a look at the core components to get you a little bit more familiar with it.

 

 

Table of Contents

 

 

 

 

Endpoint Protection

Endpoint protection solutions have the task to protect you and your device from malicious files, attacks from the outside and also phishing attempts. These days those softwares are a combination of virus & threat protection, app & browser control measures, device security as well as firewall & network protection. Some of those topics we wont cover in this topic as they belong to different disciplines like network protection & security.

When we talk about "endpoints" I mean all devices which run on an operating system. This can be smartphones, tablets, laptops, workstations, servers but also storage systems and various other. Most of the operating systems these days come with an integrated endpoint protection solution. Microsoft in example provides the "Windows Defender" by default, which, according to my personal experience, grew to a very solid and reliable solution. In certain scenarios I would not even recommend a 3rd party solution as Windows Defender is absolutely sufficient. But there are other examples like Linux where you don't find a pre-installed endpoint protection.

Also, in corporate environments there might be specific requirements to such a solution which need to be properly evaluated. Usually, you want a centrally managed solution which works for several operating systems like Sophos, Bitdefender and others.

 

iOS and Android

On smartphones an endpoint protection can be of help but I wouldn't recommend installing one by default. iOS devices are comparatively secure whereas I see some infected Android device here and there. Like always: devices usually only get infected when a file is downloaded and executed. This often happens via E-Mail, chat, etc. and via classical phishing. Especially users who know that they are unable to detect such attempts or are simply incautious should think about an endpoint protection solution for their smartphone.

An attacker either wants to steal personal data or conquer your device to utilise it for their purpose. Both scenarios are horrible situations and unacceptable. So, the only question you need to ask yourself: how much am I possible to prevent those events? If not at all or much you should talk to someone experienced and utilise an endpoint protection solution.

 

Password Protection

Our article password security is a great fundament for this section. I want to make it simple - there is no scenario in which a device doesn't need a password! A password should have an adequate complexity like we described in the above mentioned article. Personally, I refuse PIN's with 4 digits as they can be hacked easily - 6 digits is the minimum to go for smartphones!

The excuse "I don't have anything important saved on this device or I don't have anything to hide" doesn't count for me and will never! If your device gets conquered and taken over, you potentially harm other people as well as you don't know for what purpose the attacker will use your device. This extended responsibility comes with using modern technology and we can't hide from it.

 

Device Encryption

Meanwhile we live in a world where most devices are mobile. Be it a smartphone, tablet, laptop, etc. - we carry them in our pockets and bags on a daily basis and we expose our devices to the risk of getting stolen or lost. Encryption became standard over the last years... our website connections must be "https" encrypted and we also expect that our highly sensitive medical data is encrypted on servers. The same applies to your personal devices (in corporate environments it's usually standard anyways and enforced by policy) so it's highly recommended to encrypt them. All modern operating systems provide a native function for encryption which makes it easy to adopt.

 

Conclusion

It's not only important to protect your devices with appropriate mechanism and technologies but also to stay up to date with recent attacking strategies. Additionally, you must maintain your endpoint protection by updating it frequently and also make sure that they are active and working. By selecting wisely from which sources you download your software and other content you can already prevent many successful infiltration attempts. I wish you a secure journey in your digital world!

Find us on social media as well!