Essential Cybersecurity Control


Endpoint Central helps comply with Essential Cybersecurity Control

The Essential Cybersecurity Controls (ECC) are the basic set of cybersecurity controls created by the National Cybersecurity Authority (NCA) in 2018. The ECC has been mandated for organizations across the nation, setting a base standard for cybersecurity compliance.

Structured into five strategic domains—Cybersecurity Governance, Defense, Resilience, Third-Party & Cloud Computing, and Industrial Control Systems—the ECC further branches into 29 subdomains and 114 controls, offering a comprehensive roadmap for safeguarding digital ecosystems.

In this guide, we’ll explore how Endpoint Central, ManageEngine's unified endpoint management and security solution, empowers your organization to align with ECC’s rigorous requirements, helping you craft a cohesive, robust cybersecurity strategy. Dive in to discover how compliance can translate into resilience.

Note: All organizations in the Kingdom of Saudi Arabia must comply with the Essential Cybersecurity Controls. The other controls, though specific to certain domains, should be seen as an extension of the Essential Cybersecurity Controls.

S.No

Essential Cybersecurity Control

How Endpoint Central helps

1-6

Cybersecurity in Information and Technology Project Management

Objective
To ensure that cybersecurity requirements are included in project management methodology and procedures in order to protect the confidentiality, integrity, and availability of information and technology assets as per organization policies and procedures and related laws and regulations.

Controls
1-6-1 Cybersecurity requirements must be included in project and asset (information/technology) change management methodology and procedures to identify and manage cybersecurity risks as part of project management lifecycle. The cybersecurity requirements must be a key part of the overall requirements of technology projects.
1-6-2 The cybersecurity requirements in project and assets (information/technology) change management must include at least the following:
1-6-2-1 Vulnerability assessment and remediation.
1-6-2-2 Conducting a configurations’ review, secure configuration, and hardening and patching before changes or going live for technology projects.
1-6-3 The cybersecurity requirements related to software and application development projects must include at least the following:
1-6-3-1 Using secure coding standards.
1-6-3-2 Using trusted and licensed sources for software development tools and libraries.
1-6-3-3 Conducting compliance tests for software against the defined organizational cybersecurity requirements.
1-6-3-4 Secure integration between software components.
1-6-3-5 Conducting a configurations’ review, secure configuration and hardening and patching before going live for software products.
1-6-4 The cybersecurity requirements in project management must be reviewed periodically.

Endpoint Central offers robust vulnerability management by enabling continuous threat assessment and providing a unified console for complete visibility. Beyond identifying vulnerabilities, it streamlines remediation with built-in tools to address detected issues effectively.

Whether managing critical or non-critical information systems, Endpoint Central empowers admins with risk-based prioritization. Vulnerabilities can be ranked based on key factors such as CVSS scores, CVE impact types, patch availability, and more.

With extensive patch management support for Windows, Linux, macOS, and Windows Server operating systems, Endpoint Central ensures seamless updates. Additionally, it includes features for hardening web servers and addressing security misconfigurations to enhance system defenses.

1-7

Compliance with Cybersecurity Standards, Laws and Regulations

Objective
To ensure that the organization’s cybersecurity program is in compliance with related laws and regulations.

Controls
1-7-1 The organization must comply with related national cybersecurity laws and regulations.
1-7-2 The organization must comply with any nationally-approved international agreements and commitments related to cybersecurity.

Endpoint Central helps in complying with SAMA, PDPA and other national laws.

2-1

Asset Management

Objective
To ensure that the organization has an accurate and detailed inventory of information and technology assets in order to support the organization’s cybersecurity and operational requirements to maintain the confidentiality, integrity, and availability of information and technology assets.

Controls
2-1-1 Cybersecurity requirements for managing information and technology assets must be defined, documented, and approved.
2-1-2 The cybersecurity requirements for managing information and technology assets must be implemented.
2-1-3 Acceptable use policy of information and technology assets must be defined, documented, and approved.
2-1-4 Acceptable use policy of information and technology assets must be implemented.
2-1-5 Information and technology assets must be classified, labeled, and handled as per related law and regulatory requirements.
2-1-6 The cybersecurity requirements for managing information and technology assets must be reviewed periodically.

Endpoint Central offers robust asset management capabilities for both hardware and software, providing a detailed inventory of computers, devices, installed hardware, software, and stored files across your network.

Its MDM feature extends these capabilities to mobile devices, offering comprehensive visibility into all mobile devices within your organization.

With advanced inventory reporting, Endpoint Central simplifies audit preparation and ensures compliance with industry standards.

Additionally, it enables administrators to distribute terms of use policies, including security mandates, compliance guidelines, and best practices. Admins can also transparently inform users about the data collected from their devices and the purposes behind its collection.

2-2

Identity and Access Management

Objective
To ensure the secure and restricted logical access to information and technology assets in order to prevent unauthorized access and allow only authorized access for users which are necessary to accomplish assigned tasks.


Controls
2-2-1 Cybersecurity requirements for identity and access management must be defined, documented, and approved.
2-2-2 The cybersecurity requirements for identity and access management must be implemented.
2-2-3 The cybersecurity requirements for identity and access management must include at least the following:
2-2-3-1 User authentication based on username and password.
2-2-3-2 Multi-factor authentication for remote access.
2-2-3-3 User authorization based on identity and access control principles: Need-to-Know and Need-to-Use, Least Privilege and Segregation of Duties.
2-2-3-4 Privileged access management.
2-2-3-5 Periodic review of users’ identities and access rights.
2-2-4 The implementation of the cybersecurity requirements for identity and access management must be reviewed periodically.

Endpoint Central enables organizations to adopt the principle of least privilege, offering robust endpoint privilege management. This includes application-specific privilege controls and just-in-time access for end users.

It enforces conditional access policies to ensure that only authorized users can access critical business systems and sensitive data.

For IT administrators and security operations teams, Endpoint Central enhances console security through role-based access control (RBAC) and multi-factor authentication (MFA).

2-3

Information System and Information Processing Facilities Protection

Objective
To ensure the protection of information systems and information processing facilities (including workstations and infrastructures) against cyber risks.


Controls
2-3-1 Cybersecurity requirements for protecting information systems and information processing facilities must be defined, documented, and approved.
2-3-2 The cybersecurity requirements for protecting information systems and information processing facilities must be implemented.
2-3-3 The cybersecurity requirements for protecting information systems and information processing facilities must include at least the following:
2-3-3-1 Advanced, up-to-date, and secure management of malware and virus protection on servers and workstations.
2-3-3-2 Restricted use and secure handling of external storage media.
2-3-3-3 Patch management for information systems, software, and devices.
2-3-3-4 Centralized clock synchronization with an accurate and trusted source (e.g., Saudi Standards, Metrology and Quality Organization (SASO)).

Endpoint Central has a built-in next gen antivirus engine (currently available as early access) that proactively detects cyber threats with its AI-assisted, real-time behavior detection and deep learning technology.

Endpoint Central provides comprehensive patch support for Windows, Linux, macOS, and Windows Server operating systems. It can also patch 1,000+ third-party applications, hardware drivers, and BIOS.

With its peripheral device management capabilities, Endpoint Central allows you to block or restrict external storage devices and lets your admin create a list of trusted devices that end users can use on their endpoints. It can help implement file tracing to track sensitive files, especially when they are moved to external devices. You can also perform file shadowing operations for sensitive data whenever it is copied or modified on peripheral devices.

2-4

Email Protection

Objective
To ensure the protection of an organization’s email service from cyber risks.

Controls
2-4-1 Cybersecurity requirements for protecting email service must be defined, documented, and approved.
2-4-2 The cybersecurity requirements for email service must be implemented.
2-4-3 The cybersecurity requirements for protecting the email service must include at least the following:
2-4-3-1 Analyzing and filtering email messages (specifically phishing emails and spam) using advanced and up-to-date email protection techniques.
2-4-3-2 Multi-factor authentication for remote and webmail access to email service.
2-4-3-3 Email archiving and backup.
2-4-3-4 Secure management and protection against Advanced Persistent Threats (APT), which normally utilize zero-day viruses and malware.
2-4-3-5 Validation of the organization’s email service domains (e.g., using Sender Policy Framework (SPF)).
2-4-4 The cybersecurity requirements for email service must be reviewed periodically.

Endpoint Central's phishing protection capability secures users from malicious files.

Endpoint Central can help admins configure an Exchange ActiveSync policy to establish secure communication between the Exchange server and the managed devices.

Endpoint Central also provides a specific app to view attachments securely and can permit only approved apps to open them, if needed.

Endpoint Central has Conditional Exchange Access to restrict access for unmanaged devices and permit only MDM-approved BYOD devices to access the Exchange servers.

2-5

Networks Security Management

Objective
To ensure the protection of the organization’s network from cyber risks.

Controls
2-5-1 Cybersecurity requirements for network security management must be defined, documented, and approved.
2-5-2 The cybersecurity requirements for network security management must be implemented.
2-5-3 The cybersecurity requirements for network security management must include at least the following:
2-5-3-1 Logical or physical segregation and segmentation of network segments using firewalls and defense-in-depth principles.
2-5-3-2 Network segregation between production, test, and development environments. Secure browsing and Internet connectivity, including restrictions on the use of file storage/sharing and remote access websites, and protection against suspicious websites.
2-5-3-3 Wireless network protection using strong authentication and encryption techniques.
2-5-3-4 A comprehensive risk assessment and management exercise must be conducted to assess and manage the cyber risks prior to connecting any wireless networks to the organization’s internal network.
2-5-3-5 Management and restrictions on network services, protocols, and ports.
2-5-3-6 Intrusion Prevention Systems (IPS).
2-5-3-7 Security of Domain Name Service (DNS).
2-5-3-8 Secure management and protection of the Internet browsing channel against Advanced Persistent Threats (APT), which normally utilize zero-day viruses and malware.
2-5-4 The cybersecurity requirements for network security management must be reviewed periodically.

Endpoint Central's network-neutral architecture allows admins to manage endpoints in multiple scenarios, including those where the test and development environments are separated from the production environment.

Endpoint Central lets admins configure Windows Firewall for end users. SecOps can perform a port audit in their environment and reduce their attack surface to a great extent in case of a zero-day exploit.

Endpoint Central enables secure browsing by letting admins enforce extensive threat protection configurations.

Admins can block or restrict end users from accessing malicious websites or downloading files (which might contain malware) from them.

2-6

Mobile Devices Security

Objective
To ensure the protection of mobile devices (including laptops, smartphones, tablets) from cyber risks and to ensure the secure handling of the organization’s information (including sensitive information) while utilizing Bring Your Own Device (BYOD) policy.

Controls
2-6-1 Cybersecurity requirements for mobile device security and BYOD must be defined, documented and approved.
2-6-2 The cybersecurity requirements for mobile device security and BYOD must be implemented.
2-6-3 The cybersecurity requirements for mobile devices security and BYOD must include at least the following:
2-6-3-1 Separation and encryption of organization’s data and information stored on mobile devices and BYODs.
2-6-3-2 Controlled and restricted use based on job requirements.
2-6-3-3 Secure wiping of organization’s data and information stored on mobile devices and BYOD in cases of device loss, theft or after termination/separation from the organization.
2-6-3-4 Security awareness for mobile devices users.
2-6-4 The cybersecurity requirements for mobile devices security and BYOD must be reviewed periodically.

Endpoint Central's BYOD policies ensure that personal and corporate data are separated/containerized on end users' devices.

Endpoint Central has Conditional Exchange Access to restrict access for unmanaged devices and permit only MDM-approved BYOD devices to access the Exchange servers.

With Endpoint Central, you can permit BYOD devices to access Microsoft 365 apps when they fulfill specific security conditions, such as OS and patch versions, passwords, DLP policies, and other requirements.

Endpoint Central helps admins perform remote wipes to ensure corporate data security in case a device is lost.

Endpoint Central has provisions to distribute terms of use policies to users that can contain security mandates, compliances, and recommendations. It allows admins to inform the users about the data collected from their devices and the reasons for the same.

2-7

Data and Information Protection

Objective
To ensure the confidentiality, integrity and availability of organization’s data and information as per organizational policies and procedures, and related laws and regulations.

Controls
2-7-1 Cybersecurity requirements for protecting and handling data and information must be defined, documented, and approved as per the related laws and regulations.
2-7-2 The cybersecurity requirements for protecting and handling data and information must be implemented.
2-7-3 The cybersecurity requirements for protecting and handling data and information must include at least the following:
2-7-3-1 Data and information ownership.
2-7-3-2 Data and information classification and labeling mechanisms.
2-7-3-3 Data and information privacy.
2-7-4 The cybersecurity requirements for protecting and handling data and information must be reviewed periodically.

Endpoint Central offers advanced data leakage prevention capabilities, enabling the detection and classification of personally identifiable information (PII). It provides complete control over data flow within your IT environment by allowing administrators to configure policies for data transfers through cloud services and peripheral devices.

With its BYOD policies, Endpoint Central ensures a clear separation between personal and corporate data on end-user devices, maintaining privacy and security.

2-8

Cryptography

Objective
To ensure the proper and efficient use of cryptography to protect information assets as per organizational policies and procedures, and related laws and regulations.

Controls
2-8-1 Cybersecurity requirements for cryptography must be defined, documented, and approved.
2-8-2 The cybersecurity requirements for cryptography must be implemented.
2-8-3 The cybersecurity requirements for cryptography must include at least the following:
2-8-3-1 Approved cryptographic solutions standards and its technical and regulatory limitations.
2-8-3-2 Secure management of cryptographic keys during their lifecycles.
2-8-3-3 Encryption of data in-transit and at-rest as per classification and related laws and regulations.
2-8-4 The cybersecurity requirements for cryptography must be reviewed periodically.

Endpoint Central uses FIPS 140-2 compliant algorithms. Users can enable FIPS mode to run their IT in a highly secure environment.

Endpoint Central can help admins encrypt end users' Windows devices using its BitLocker management and Mac devices with FileVault encryption.

2-10

Vulnerabilities Management

Objective
To ensure timely detection and effective remediation of technical vulnerabilities to prevent or minimize the probability of exploiting these vulnerabilities to launch cyber attacks against the organization.

Controls
2-10-1 Cybersecurity requirements for technical vulnerabilities management must be defined, documented and approved.
2-10-2 The cybersecurity requirements for technical vulnerabilities management must be implemented.
2-10-3 The cybersecurity requirements for technical vulnerabilities management must include at least the following:
2-10-3-1 Periodic vulnerabilities assessments.
2-10-3-2 Vulnerabilities classification based on criticality level.
2-10-3-3 Vulnerabilities remediation based on classification and associated risk levels.
2-10-3-4 Security patch management.
2-10-3-5 Subscription with authorized and trusted cybersecurity resources for up-to-date information and notifications on technical vulnerabilities.
2-10-4 The cybersecurity requirements for technical vulnerabilities management must be reviewed periodically.

Endpoint Central provides comprehensive vulnerability management through constant assessment and visibility of threats from a single console. Apart from vulnerability assessment, it also provides built-in remediation of the vulnerabilities detected. For both critical and non-critical information systems, Endpoint Central provides risk-based vulnerability management so that admins can prioritize vulnerabilities based on metrics like CVSS score, CVE impact type, patch availability, and more.

Endpoint Central provides a unified console for ITOps and SecOps to manage and secure endpoints. It has role-based access control so that IT security functions can be assigned to independent security experts. Endpoint Central provides comprehensive patch support for Windows, Linux, macOS, and Windows Server operating systems. It can also patch 1,000+ third-party applications, hardware drivers, and BIOS. Endpoint Central also integrates with other vulnerability assessment solutions like Tenable.

2-12

Cybersecurity Event Logs and Monitoring Management

Objective
To ensure timely collection, analysis and monitoring of cybersecurity events for early detection of potential cyber-attacks in order to prevent or minimize the negative impacts on the organization’s operations.

Controls
2-12-1 Cybersecurity requirements for event logs and monitoring management must be defined, documented, and approved.
2-12-2 The cybersecurity requirements for event logs and monitoring management must be implemented.
2-12-3 The cybersecurity requirements for event logs and monitoring management must include at least the following:
2-12-3-1 Activation of cybersecurity event logs on critical information assets.
2-12-3-2 Activation of cybersecurity event logs on remote access and privileged user accounts.
2-12-3-3 Identification of required technologies (e.g., SIEM) for cybersecurity event logs collection.
2-12-3-4 Continuous monitoring of cybersecurity events.
2-12-3-5 Retention period for cybersecurity event logs (must be 12 months minimum).
2-12-4 The cybersecurity requirements for event logs and monitoring management must be reviewed periodically.

Endpoint Central has a built-in next gen antivirus engine (currently available as early access) that proactively detects cyber threats with its AI-assisted, real-time behavior detection and deep learning technology.

Apart from real-time threat detection, Endpoint Central also actively performs incident forensics so that SecOps can analyze the root cause and severity of the threats.

Refer to EventLog Analyzer, ManageEngine's log analyzer tool.

2-13

Cybersecurity Incident and Threat Management

Objective
To ensure timely identification, detection, effective management and handling of cybersecurity incidents and threats to prevent or minimize negative impacts on organization’s operation taking into consideration the Royal Decree number 37140, dated 14/8/1438H.

Controls
2-13-1 Requirements for cybersecurity incidents and threat management must be defined, documented, and approved.
2-13-2 The requirements for cybersecurity incidents and threat management must be implemented.
2-13-3 The requirements for cybersecurity incidents and threat management must include at least the following:
2-13-3-1 Cybersecurity incident response plans and escalation procedures.
2-13-3-2 Cybersecurity incidents classification.
2-13-3-3 Cybersecurity incidents reporting to NCA.
2-13-3-4 Sharing incidents notifications, threat intelligence, breach indicators and reports with NCA.
2-13-3-5 Collecting and handling threat intelligence feeds.
2-13-4 The requirements for cybersecurity incidents and threat management must be reviewed periodically.

Endpoint Central has a built-in next gen antivirus engine (currently available as early access) that proactively detects and classifies cyber threats with its AI-assisted, real-time behavior detection and deep learning technology.

Apart from real-time threat detection, Endpoint Central also actively performs incident forensics so that SecOps can analyze the root cause and severity of the threats.

 

 

 
