Corporate Endpoint Desktop

Desktop is the primary access to the organization’s resources and business applications. It is the gateway to the organization’s highly valuable and confidential information assets. For this reason, it is important to be really sure that the bedrock principles of information security – confidentiality, integrity and availability – is strictly maintained.

If the security of the desktop is weak, potential intruders can easily by-pass the first obstacle. It is paramount to ensure that desktop has the right configuration that allow authorized users entry, deny unauthorized users entry and detect and block any attempt to by-pass its security parameters. In order to effectively manage desktop security, a blend of three components – People, Process and Technology – is necessary. You may implement state-of-the-art security technology and apply world-class processes, but if the users themselves are not taking security seriously or they are not aware of the threats and risks involved, then the investment and procedures become meaningless. All the three components are equally important and contributing to the maximum security protection of the desktop. If one of the component is missing, the desktop is more likely to be compromised and the most valuable information asset of the organization will be at risk.

Desktop security is a process. It is not a simple system where it has specific input, process and output. It is a process consists of Protection, Detection and Response. It is a continuous journey. The irony is that, despite the important contribution of investment in desktop security to reducing the risk of information security breach, it is difficult to quantify and justify and eventually to obtain buy-in from management for future investment, as compared to other IT initiatives such as application development and system implementation which has direct impact to business revenue. The only time when the organization realize that they need a good desktop security is when viruses are attacking and destroying all the files or confidential organization’s data is lost to competitors and the list goes on. You have the option of acting early and not wait until a tragedy happens; by then it will be too late. Prevention is always better than cure.