What is a Device Posture Check (DPC)?

Endpoints are one of the biggest security threats to an organization, especially with the rise of remote work. If a user’s device is infected by malware, the malware may be able to steal a user’s credentials or use its connection to the corporate network to attack an organization’s systems.

A device posture check is designed to evaluate the threat that a device poses to an organization and its systems. For example, the check may verify that the device has installed the most recent software and security updates, and has an endpoint security solution installed and running.

Learn More Request a Demo

What is a Device Posture Check (DPC)?

How Does a Device Posture Check Work?

DPC can be integrated into an endpoint security solution installed on a user’s device. This solution can collect security data from the device, including the following:

  • Patch Level: Vulnerabilities in the operating system or the applications running on a user’s device can be exploited to install malware on the device. A DPC solution can verify that a device is up to date on its patching.
  • Endpoint Security: A corporate endpoint security solution can dramatically reduce an endpoint’s risk of malware infection and other threats. A DPC solution can verify that the endpoint security solution is installed, running, and up to date.
  • Security Configurations: An organization may mandate that user devices follow certain security requirements such as implementing full disk encryption (FDE) or using a firewall. A DPE solution can verify that the user’s device is compliant with these requirements.
  • Risk Behaviors: A user may visit a dangerous website or install suspicious software on their device, increasing the chance of a malware infection. A DPC solution may be able to evaluate the risk that a user’s device has been infected.

All of these data points contribute to an overall risk score for a device looking to connect to an organization’s network, systems, or applications. A DPC solution may be configured to perform a check only when a device initially attempts to connect to corporate resources or may periodically poll the device throughout the session. If the device is deemed to be non-compliant or too risky, the DPC solution can block or terminate the user’s session.

Device Posture Check Use Cases

DPC can help an organization to achieve various goals. Some common use cases for DPC include the following:

  • Network Security: DPC is commonly used to protect an organization’s network and other resources against the threat of a compromised device. When a device attempts to connect to the corporate network or other resources, a DPC will be performed, and the access request will be approved or denied based on the result of the evaluation.
  • Step-Up Authentication: Step-up authentication is when an organization requires additional authentication steps — such as multi-factor authentication (MFA) — when an access request is deemed to be high-risk. This can be based on the nature of the access request — such as requesting access to a critical system — or on the result of a DPC if a device is determined to pose an elevated risk to the organization.
  • Regulatory Compliance: Data protection regulations mandate that an organization control access to sensitive data and take steps to protect it against unauthorized access. DPC can be part of an organization’s compliance strategy, providing additional assurance that the person accessing sensitive data protected by regulations is actually the authorized user.

Benefits of a Device Posture Check

Device posture check offers a few potential benefits to an organization, including the following:

  • Improved Security: DPC helps to ensure that devices are up-to-date and compliant before allowing them to access corporate resources. This reduces the risk that they pose to an organization and its IT assets.
  • Compliant BYOD: A common application of DPC is bring-your-own-device (BYOD) programs, which allow users to work from personal devices. DPC can help to ensure that these personally-owned devices are compliant with corporate BYOD security policies and regulatory requirements.

DPC with Check Point Harmony Endpoint

DPC can be a valuable tool for managing the risk associated with its endpoints, especially ones that are not owned by the organization. DPC can gauge the risk of a malware infection and determine if a device is compliant with corporate policies before allowing it access to corporate resources.

Check Point’s Harmony Endpoint is a market-leading endpoint security solution that offers a range of features to protect an organization’s devices. Due to a new integration with Ivanti, it now incorporates DPC functions. Harmony Endpoint can automatically discover, manage, secure, and service an organization’s IT assets. It also offers one-click vulnerability detection and remediation of vulnerabilities across the enterprise.

Strong endpoint security is a foundational component of an organization’s cybersecurity strategy. To learn more about how Harmony Endpoint can help enhance the security of an organization’s IT assets and BYOD devices, sign up for a free demo today.

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK