How Promisec keeps endpoints in compliance

Promisec wrestles endpoints into compliance, automatically if desired, and keeps a watchful eye over them to ensure they don't stray.

wrestlers fighting

Most companies generally fall into one of two categories in terms of their cybersecurity posture. You have very large organizations, often with very robust, well-staffed defenses that are nonetheless having trouble maintaining security due to nearly constant attacks and the sheer volume of servers, clients and mobile devices that they need to protect. And then you have smaller organizations with fewer assets to guard, but also likely less budget, staff and expertise to secure their enterprise.

Both groups could do with a little help from products in the managed detection and response (MDR) category. A common misconception is that MDR needs to be deployed as a service, with an outside contractor managing cybersecurity. But that is not the case. The Promisec PEM (Promisec Endpoint Management) software can be installed completely on-premises, and gives visibility, advice, and even remediation help for all kinds of threats, unwanted programs and compliance issues that crop up within almost every network over time. Promisec can bring those endpoints into compliance, and keep them from wandering back off again.

Promisec PEM is deployed on a server that acts as the management hub for the system. You only need one, regardless of how large your network is, since it is only used to set up scans, white and blacklisting, and other management tasks. You do need to deploy smaller management programs called sentries, with one sitting within each logical group of endpoints within a network. So, you might have one sentry for Los Angeles and another for New York, or one for your Finance and one for your Sales group. The sentries are tiny and simply report scan results back to the main management console.

There is no need to install agents of any type on the endpoints themselves. Simply having access to the registry is enough for full visibility. As such, deploying the management console and whatever sentries are needed to cover an enterprise can be accomplished in a couple hours at most. There is also a cloud-based version of PEM, though our testing for this review used the on-premises solution.

Configuring PEM

Once installed, IT teams can begin configuring PEM, telling it what to look for in terms of compliance and security. Regulatory compliance statutes like HIPAA or PCI are included. Other more unique ones like specific state laws can be defined to the program and included in scanning too. Administrators can also very easily whitelist and blacklist programs that they need, or definitely don’t want, running on their network. PEM also accepts so-called golden baseline images for devices if an organization has them, setting up future scans to ensure that no endpoint has drifted away from its preferred, golden configuration.

To continue reading this article register now

Microsoft's very bad year for security: A timeline