An endpoint is defined as any laptop, desktop, or mobile device.
- Determine the risk level by reviewing the data, server, and application risk classification examples and selecting the highest applicable risk designation across all. For example, an endpoint storing Low Risk Data but utilized to access a High Risk application is designated as High Risk.
- Follow the minimum security standards in the table below to safeguard your endpoints.
| Standards | Recurring Tasks | What to do | Low Risk | Medium Risk | High Risk |
|---|---|---|---|---|---|
| Patching | Apply security patches within seven days of publish. Nessus is recommended. Use a supported OS version. | ||||
| Whole Disk Encryption | Enable FileVault2 for Mac, BitLocker for Windows. Symantec PGP is recommended. Install MDM on mobile devices. | ||||
| Malware Protection | Install antivirus (SEP recommended). Install |
||||
| Inventory | Review and update network database quarterly. | ||||
| Configuration Manager | Install Nessus and WDE. | ||||
| Regulated Data Security Controls | Implement PCI, DSS, HIPAA, FISMA, or Export Controls as applicable. |
