Suddenly we are pivoting to supporting a large number of remote users. In some cases, they are using personal devices that are not under your control. In other cases, it is your equipment, but SCCM and KACE type products are designed for inside the network not for remote users. How do we know that those endpoints are safe and current?
Here are three ways:
Cisco DUO multi-factor authentication is a must for remote VPN and remote access users that are accessing critical and sensitive information. One of the nice things about Cisco DUO is that it constantly does a security check on the DUO authenticator device to make sure it is current with all recommended updates.
CyberSentinel Endpoint Detect & Recover (CSEDR) has a new button on the left menu called "Applications". From there you will see the SentinelOne client constantly evaluating whether your machines are current.
Next time I will discuss two ways to maintain these disconnected remote devices.