Implement Strong Device & Endpoint Security

This standard mandates the implementation of strong device and endpoint security to ensure every device is continuously verified.

1. Implement Strong Device & Endpoint Security:

Every device must be continuously verified. This approach ensures that only secure devices can access internal resources.

• 1.1 Endpoint Detection and Response (EDR) and Mobile Device Management (MDM):
  • 1.1.1 Tool Utilisation:
    • Use Endpoint Detection and Response (EDR) and Mobile Device Management (MDM).
    • Automate the configuration of EDR and MDM tools.
  • 1.1.2 Management Implementation:
    • Automate the tracking of EDR and MDM implementations.
    • Implement management tutorials.
• 1.2 Security Health Checks:
  • 1.2.1 Access Restriction:
    • Require devices to pass security health checks before accessing internal resources.
    • Automate the execution of security health checks.
  • 1.2.2 Check Management:
    • Automate the tracking of health check results.
    • Implement check feedback collection.
• 1.3 Device Identity Validation:
  • 1.3.1 Certificate-Based Authentication:
    • Enforce device identity validation with certificate-based authentication.
    • Automate the validation of device identities.
  • 1.3.2 Validation Management:
    • Automate the tracking of certificate-based authentication.
    • Implement validation tutorials.

By implementing strong device security, organisations can ensure only secure devices access internal resources.

---