DigitalDefence

Home > Protect > Audits >> > Endpoint Security Audit

Endpoint Security Audit

One of the most significant threats to an organization’s security are the endpoints—the user-controlled devices that connect to the network.

These endpoints include workstations, laptop computers, personal digital assistants (PDAs), mobile phones and cameras, Blackberries, memory devices (USB keys and portable hard drives) and specialized equipment like Point of Sale terminals.

Securing endpoints requires you to overcome some particular challenges:

  • Network security devices (firewalls, VPNs, etc.) are ineffective at protecting mobile endpoints—therefore, each device must provide its own security;
  • An organization may not always own, or have control over, the endpoints that connect to the network; and,
  • The devices are frequently mobile, so security applied at the workplace must remain effective on the road and at the employee's home.

      • DigitalDefence’s endpoint security assessment provides a comprehensive program to auditably ensure the security of an organization’s endpoints, and integrate them into your secure network.

Service Delivery

The Endpoint Security Assessment audit reviews the following services:

  • Network infrastructure, including network and device access controls;
  • Data flow analysis map to identify points where sensitive data can be accessed, copied, modified or stolen;
  • Policy development governing static and mobile endpoints, including central management, enforcement, and auditing;
  • Secure remote access from the secure network to mobile devices across wired and wireless networks;
  • Centrally managed vulnerability management, including update and patch delivery and auditing;
  • Implementation of effective security controls at the endpoint, including client firewall, anti-virus, IDS/IPS, encryption, and patch management;
  • Development and implementation of a Common Operating Environment, COE, to ensure consistent delivery of a secure environment;
  • Review of specific applications on mobile endpoints;
  • Secure messaging to endpoints, including e-mail, instant messaging, anti-spam and phishing protection, and archival;
  • Backup and recovery of endpoint devices;and
  • Security awareness training for end-users



Datasheet – Endpoint Security Audit [68 kb]