ISO 27001:2022


Endpoint Central helps comply with ISO 27001:2022 

Clause 6.1.3 of ISO 27001:2022 requires organizations to implement a process for information security risk treatment. This involves selecting suitable treatment options based on risk assessments and identifying the necessary controls to support those options. Controls can either be designed by the organization or sourced externally. These controls must be compared with those listed in Annex A (Table A.1) to ensure nothing important is missed, while noting that Annex A is not exhaustive and additional controls can be included if required. Lastly, a Statement of Applicability should be prepared, listing all the necessary controls identified during the process.

 

Control

Control definition/ requirements

How Endpoint Central helps

5. Organizational controls

5.7 Threat intelligence

Information relating to information security threats should be collected and analyzed to produce threat intelligence.

Endpoint Central provides comprehensive vulnerability management in terms of constant assessment and visibility of threats from a single console. It also has in-built remediation to resolve the detected vulnerabilities. 

It supports patching for Windows, Mac, Linux, and over 850 third-party applications. Additionally, it manages updates for Windows, iOS, Android, ChromeOS, firmware, and mobile applications.

5.9 Inventory of information and other associated assets

An inventory of information and other associated assets, including owners, should be developed and maintained.

Endpoint Central helps maintain an inventory of all endpoints (including mobile devices) and software assets, and manage them from a central console.

5.11 Return of assets

Personnel and other interested parties, as appropriate, should return all the organization’s assets in their possession upon change or termination of their employment, contract, or agreement.

With insightful dashboards and out-of-the-box asset reporting capability, IT admins can have complete visibility over their endpoint assets.

5.12 Classification of information

Information should be classified according to the information security needs of the organization based on confidentiality, integrity, availability, and relevant interested party requirements.

Endpoint Central enables IT admins to discover and classify various types of structured as well as unstructured data using advanced mechanisms such as fingerprinting, RegEx, file-extension-based filters, and keyword search.

5.13 Labeling of information

An appropriate set of procedures for information labeling should be developed and implemented in accordance with the information classification scheme adopted by the organization.

Endpoint Central can help find, analyze, and track sensitive personal data, such as PII and ePHI, in your network.

5.15 Access Control

Create and implement rules to control physical and logical access to information and associated assets based on business and information security requirements.

Endpoint Central leverages the principle of least privilege and has a robust endpoint privilege management capability, providing application-specific privilege management and just-in-time access to end users.

Endpoint Central's Application Control module allows admins to allowlist/blocklist software applications on critical endpoints.

It has conditional access policies to validate that only authorized users access business-critical systems and data.

5.17 Authentication information

Control the allocation and management of authentication information like passwords.

Endpoint Central enables administrators to set passcode policies for mobile devices running on Android, Apple, and Windows, ensuring end users create strong passcodes for their devices. The policy enables admins to configure the maximum number of failed passcode attempts, the maximum idle time allowed before auto-lock, and many other settings.

5.18 Access rights

Manage, review and modify access rights to data and assets in line with organization policies and access control rules.

Endpoint Central leverages the principle of least privilege and has a robust endpoint privilege management capability, providing application-specific privilege management and just-in-time access to end users.

Endpoint Central's Application Control module allows admins to allowlist/blocklist software applications on critical endpoints.

It has conditional access policies to validate that only authorized users access business-critical systems and data.

5.28 Collection of evidence

The organization should establish and implement procedures for the identification, collection, acquisition and preservation of evidence related to information security events.

In case of a suspicious event recorded in your IT network, the following details will be sent to your network administrator/SOC team:

Attack Details:

Detection Time -

Reported Time -

Attack Status -

Agent Action -

Attack Criticality - Low/Medium/High

Detection Source - Behaviour Engine

Image Path -

Process Name -

SHA256 -

Command -

Endpoint Details:

Endpoint Name -

Domain Name -

Endpoint Status -

Endpoint Version -

Activated Time -

Last Contact Time -

5.30 ICT readiness for business continuity

ICT readiness should be planned, implemented, maintained and tested based on business continuity objectives and ICT continuity requirements.

Endpoint Central has a built-in next-gen antivirus engine (currently available as early access) that proactively detects cyber threats like malware with its AI-assisted, real-time behavior detection and deep learning technology.

Apart from real-time malware detection, Endpoint Central also actively performs incident forensics so that SecOps can analyze the root cause and severity of the threats. If the next-gen antivirus engine detects suspicious behavior or malware on endpoints, it can quarantine those endpoints; after a thorough forensic analysis, they can be deployed back into production.

Endpoint Central also provides instant, non-erasable backup of the files in your network every three hours by leveraging Microsoft's volume shadow copy service. If a file is infected with ransomware, it can be restored with the most recent backup copy of the file.

5.31 Legal, statutory, regulatory and contractual requirements

Legal, statutory, regulatory and contractual requirements relevant to information security and the organization’s approach to meet these requirements should be identified, documented and kept up to date.

Endpoint Central can help organizations comply with several regional and global data privacy mandates and information security standards, such as the GDPR, CIS Critical Security Controls, NIST Cybersecurity Framework, and more.

5.32 Intellectual property rights

The organization should implement appropriate procedures to protect intellectual property rights.

Endpoint Central can help you find, analyze, and track sensitive personal data, such as patents, contracts, and others, residing in your networks.
 

5.33 Protection of records

Records should be protected from loss, destruction, falsification, unauthorized access and unauthorized release.

Endpoint Central can help prevent corporate data leakage through the public cloud, webpage printing, peripheral devices, and clipboards.

It also has conditional access policies to validate that only authorized users access business-critical systems and data.

5.34 Privacy and protection of PII

The organization should identify and meet the requirements regarding the preservation of privacy and protection of PII according to applicable laws and regulations and contractual requirements.

Endpoint Central helps comply with several privacy laws, such as GDPR, DPDPA, POPIA, CCPA, and LGPD.

 

5.36 Compliance with policies, rules and standards for information security

Compliance with the organization’s information security policy, topic-specific policies, rules, and standards should be regularly reviewed.

Endpoint Central has comprehensive reporting capability. Apart from providing deep insights about the endpoint estate, it can also be used for governance and auditing purposes.

6. People controls

6.7 Remote working

Security measures shall be implemented when personnel are working remotely to protect information accessed, processed, or stored outside the organization’s premises.

Endpoint Central leverages 256-bit Advanced Encryption Standard (AES) encryption protocols during remote troubleshooting operations. Endpoint Central can also run in FIPS mode to ensure a safe and secure operation.

7. Physical controls

7.10 Storage media

Storage media shall be managed through their life cycle of acquisition, use, transportation, and disposal in accordance with the organization’s classification scheme and handling requirements.

Endpoint Central, with its peripheral device management capabilities, allows you to block/restrict external storage devices and enables your admin to create a list of trusted devices that your end users can use on their endpoints.

7.14 Secure disposal or re-use of equipment

Items of equipment containing storage media shall be verified to ensure that any sensitive data and licensed software has been removed or securely overwritten prior to disposal or re-use.

Endpoint Central helps admins perform remote wipes to ensure corporate data security in case a device is lost.

Endpoint Central also has Enterprise Factory Reset Protection so that a device used by an ex-employee can be reprovisioned to a current employee of your organization.

8. Technological controls

8.1 User end point devices

Information stored on, processed by, or accessible via user end point devices shall be protected.
 
Endpoint Central can find, analyze, and track sensitive personal data residing in your networks. It also has personal and corporate data containerization.

8.2 Privileged access rights

The allocation and use of privileged access rights shall be restricted and managed.

Endpoint Central leverages the principle of least privilege and has a robust endpoint privilege management capability, providing application-specific privilege management and just-in-time access to end users.

8.3 Information access restriction

Access to information and other associated assets shall be restricted in accordance with the established topic-specific policy on access control.
 
Endpoint Central leverages the principle of least privilege and has a robust endpoint privilege management capability, providing application-specific privilege management and just-in-time access to end users.

It has conditional access policies to validate that only authorized users access business-critical systems and data.

8.5 Secure authentication

Secure authentication technologies and procedures shall be implemented based on information access restrictions and the topic-specific policy on access control.

Endpoint Central helps in leveraging Windows Hello for Windows devices. Admins can also configure two-factor authentication for Windows end users.

To ensure safe access to corporate applications, Endpoint Central leverages enterprise SSO using the Kerberos protocol. Endpoint Central also leverages certificate-based authentication using SCEP.

8.6 Capacity management

The use of resources shall be monitored and adjusted in line with current and expected capacity requirements.

With Endpoint Central, admins can analyze software usage duration and the number of times the software is used. With these insights, they can make informed decisions on software purchases while also determining peak usage trends in their IT environment.

Endpoint Central has a license management feature to assess if you have adequate software licenses for your users. It also allows admins to keep tabs on soon-to-expire and expired software licenses.

8.7 Protection against malware

Protection against malware shall be implemented and supported by appropriate user awareness.

Endpoint Central has a built-in next-gen antivirus engine (currently available as early access) that proactively detects malware with its AI-assisted, real-time behavior detection and deep learning technology.

Apart from real-time threat detection, Endpoint Central also actively performs incident forensics so that SecOps can analyze the root cause and severity of the threats.

If the next-gen antivirus engine detects suspicious behavior on endpoints, it can quarantine those endpoints; after a thorough forensic analysis, they can be deployed back into production.

8.8 Management of technical vulnerabilities

Information about technical vulnerabilities of information systems in use shall be obtained, the organization’s exposure to such vulnerabilities shall be evaluated and appropriate measures shall be taken.

For both critical and non-critical information systems, Endpoint Central provides risk-based vulnerability management so that admins can prioritize the vulnerabilities based on metrics like CVSS score, patch availability, and much more.

Endpoint Central provides comprehensive vulnerability management in terms of constant assessment and visibility of threats from a single console. Apart from vulnerability assessment, it also provides built-in remediation of the vulnerabilities detected.

8.9 Configuration management

Configurations, including security configurations, of hardware, software, services and networks shall be established, documented, implemented, monitored and reviewed.

With Endpoint Central, admins can prohibit users from installing unnecessary software and can create a list of software that is allowed/blocked in their IT environment.

Endpoint Central also has a block executables feature, preventing the files from automatically getting executed. Endpoint Central also empowers admins to control the child processes arising out of other applications.

8.10 Information deletion

Information stored in information systems, devices or in any other storage media shall be deleted when no longer required.
 
Endpoint Central helps admins perform remote wipes to ensure corporate data security in case a device is lost.

8.12 Data leakage prevention

Data leakage prevention measures shall be applied to systems, networks, and any other devices that process, store or transmit sensitive information.

Endpoint Central offers advanced data leakage prevention capabilities, enabling the detection and classification of personally identifiable information (PII). It provides complete control over data flow within your IT environment by allowing administrators to configure policies for data transfers through cloud services and peripheral devices.

With its BYOD policies, Endpoint Central ensures a clear separation between personal and corporate data on end-user devices, maintaining privacy and security.

8.13 Information backup

Backup copies of information, software, and systems shall be maintained and regularly tested in accordance with the agreed topic-specific policy on backup.

Endpoint Central also provides instant, non-erasable backup of the files in your network every three hours by leveraging Microsoft's volume shadow copy service.

If a file is infected with ransomware, it can be restored with the most recent backup copy of the file.

8.15 Logging

Logs that record activities, exceptions, faults and other relevant events shall be produced, stored, protected and analysed.

For auditing critical computers having sensitive applications, User Logon reports can help admins track users' access to critical endpoints.

Endpoint Central also provides detailed audit reports containing access requests for popular blacklisted applications.

8.16 Monitoring activities

Networks, systems and applications shall be monitored for anomalous behaviour and appropriate actions taken to evaluate potential information security incidents.

Endpoint Central has a built-in next-gen antivirus engine that proactively detects anomalous behavior with its AI-assisted, real-time behavior detection and deep learning technology.

8.19 Installation of software on operational systems

Procedures and measures shall be implemented to securely manage software installation on operational systems.

Endpoint Central's software deployment feature helps in securely installing software applications on end users' systems. It can also provision software packages into end users' self-service portals so that they can install the software at their convenience.

Admins can also prohibit users from installing unnecessary software and can create a list of software that is allowed/blocked in their IT environment.

8.20 Networks security

Networks and network devices shall be secured, managed and controlled to protect information in systems and applications.

Endpoint Central comes in handy for admins to configure Windows Firewall for end users. Using Endpoint Central, SecOps can do a port audit in their environment and reduce their attack surface to a great extent in case of a zero-day exploit.

It enables secure browsing by enabling admins to enforce extensive threat protection configurations.

Admins can block or restrict their end users from downloading files (which might contain malware) from malicious websites, or from accessing them.

It also has provisions for hardening web servers and fixing security misconfigurations. 

8.22 Segregation of networks

Groups of information services, users and information systems shall be segregated in the organization’s networks.

Endpoint Central's Custom Group feature allows admins to logically segregate systems at their convenience so that they can manage and secure them effectively.

Admins could create different static or dynamic groups for different operating environments based on their requirements.

8.23 Web filtering

Access to external websites shall be managed to reduce exposure to malicious content.
 
Using Endpoint Central, admins can block malicious websites to prevent users from accessing them.

8.24 Use of cryptography

Rules for the effective use of cryptography, including cryptographic key management, shall be defined and implemented.
 
Endpoint Central can help admins encrypt end users' Windows devices using its BitLocker Management and Mac devices with FileVault encryption.
