Chapter 12. Endpoints

Endpoints—devices that an end user operates, such as a desktop, laptop, tablet, or cell phone—are becoming ever more popular targets for malicious individuals who are looking to compromise a network. With an increasingly mobile workforce and rapidly falling prices for storage, the amount of data that is either stored on endpoints or available to endpoints via the repositories that they access (i.e., shared drives) is growing more and more substantial by the day.

In what may appear (from a security perspective, at least) to be a counterintuitive response to this greater availability of data, demands are high for access to that data to be increasingly low-friction, often in the name of boosting the productivity or agility of the organization.

Endpoints are, of course, also the locations at which most people conduct activities such as web browsing, instant messaging, reading email, and clicking any random links or attachments that seem appealing to them at the time. The number of vectors available to attack endpoints is large, and enterprise networks are filled with targets for whom security is not necessarily the number one priority.

All of this has, unsurprisingly, led to endpoints being increasingly targeted not only by malware and ransomware but also by more precise spearphishing and hacking campaigns. In this chapter we will explore steps you can take on most endpoint devices to drastically reduce the chances of an endpoint being compromised, as well as ...