Ensure Compliant Network Access with Our New Device Posture Check (DPC)

Not long ago, the applications in use by an organization’s employees were located on servers within the office, and only on-site PCs could access the network. Anyone employed by a company today will know this is no longer the case. Boosted bandwidth and computing availability makes it convenient for resources and workstations to go mobile – yet all the inconvenience saved by this trend has been quietly transferred elsewhere: to the IT and security teams. 

Consider the Sales Manager who connects to her company’s network via her Macbook, a common occurrence in today’s modern organization. Her connection likely never touches the office in a physical sense: she’s accessing Salesforce, which is hosted in third-party servers, from her personal device that hasn’t been set up by the IT team. She may have the correct credentials and be encrypted, but in any scenario where IT cannot directly control all the variables of secure mobile access, the network is exposed.

What if there was a way to ensure that employees’ mobile devices are always as secure and predictable as a preconfigured office PC? With Perimeter 81’s new Device Posture Check (DPC) feature, this is exactly the degree of control that IT teams can expect.

Discovering Device Posture

Device Posture Check enhances your network security by ensuring that employees can only connect with devices that are already secured. It allows administrators to guarantee that only devices which are in compliance with your security policies can connect to the network, and it also gives IT the device inventory and reporting tools they need to continuously support  network security and access.

Simply put, DPC is designed to allow IT control over all device aspects required for secure network access. If any of these configurations are missing, no connection can occur, protecting the network from potential hacks and vulnerabilities. 

These elements are included  in the Posture Check Profiles that admins are able to create. To learn more about how it works, check out our Device Posture Check page in the knowledge base.

Profiles are essentially mini-policies for the users and groups they apply to which define the device posture requirements that grant network access. For example, the administrator who wants to ensure proper device posture for salespeople using MacOS (as in the above example) would create a Posture Check Profile for the Sales Team. They’d then select MacOS as the appropriate OS and then specify the present elements required for access, like antivirus software and the correct device certificate:

IT teams can enforce the presence of multiple security elements for Mac or Windows:

  • Antivirus: Check if the device has your organization’s preferred antivirus software installed.
  • Certification: Check whether a specific certification exists on the device.
  • File Exists: Check if a file required for the proper security posture exists on the device.
  • Disk Encryption: Check if the disk is encrypted.
  • Windows Registry (for Windows devices): Check whether a specific registry path or value exists in the device’s Windows Registry.

A profile can include multiple operating systems (both desktop and mobile) for the  user group it applies to, so only one profile per user group (or groups) is necessary. A classic example of defense in depth, Device Posture Check rules complement the other crucial security and networking features present in Perimeter 81, such as DNS protection, encrypted tunneling, 2FA, Zero Trust access and more.

Device Inventory: Take Stock of Your Security

Device Posture Check provides IT admins, frequently responsible for proving the efficacy of their security policies, with detailed reports that allow them to stay on top of how employees are connecting to the network and whether their device health has changed. In addition, a drill-down device view gives admins detailed information regarding failed posture checks for easier support.

DPC reporting features include:

A breakdown of connected devices by operating system and their individual number of successful and unsuccessful connections.

A filterable report of posture checks by date and time, including the name of the employee and their device, operating system, relevant device policy, serial number, location, and status (a successful or unsuccessful connection).

A thorough drill down into each device, including employee name, app version, access status, location, installation ID, date of last posture check, operating systems, installation date, last update, and reasons for failed posture checks.

A view of each employee and their devices.

Security That Neglects Devices Isn’t Security

Of workers that are assigned a business device to use for work, 70% say that they’ve personally browsed, downloaded apps and answered non-work-related emails on these devices. Employees allowed to use personal devices for work also represent a majority at 54% in 2020, making these endpoints deserving of enhanced security – especially as resources are more vulnerable.

IT professionals looking to accelerate their organization’s defenses against the risks of BYOD and the cloud transition can rely on our Device Posture Check to quickly bring policy up to speed. Check it out today, and stay tuned for more product updates coming shortly.