Endpoint Protection is a security solution that supports the implementation of zero trust storage controls. This includes measures such as application whitelisting, network access control, and data storage controls to protect against malicious and misused software. These measures align with CIS Control 5.1 (Access Control and Authentication) and NIST SP 800-53 (Access Control).
Application whitelisting is a security measure that only allows approved applications to run on a device or network. This helps to prevent malicious software from running and causing damage. This aligns with CIS Control 5.3 (Software Use Control) and NIST SP 800-53 (Application Software Security).
Network access control (NAC) is a security measure that verifies the identity and status of a device before allowing it access to a network. This aligns with CIS Control 5.4 (Network Access Control) and NIST SP 800-53 (Network Access Control).
Allow Listing is a security measure that only allows specific devices or users to access a network or resource. This involves only allowing certain IP addresses or other network identifiers to access the network, preventing unauthorized access. This aligns with CIS Control 5.1 (Access Control and Authentication) and This refers to CIS Control 5 (Boundary Defense and NIST SP 800-53 (Access Control).
Ringfencing
Ringfencing is a security measure that isolates a network or resource from other parts of the network. This helps to prevent malicious actors from gaining access to sensitive information. This aligns with CIS Control 5.1 (Access Control and Authentication) and NIST SP 800-53 (Access Control).
Data storage control is a security measure that prevents the unauthorized access, modification, or deletion of data. This aligns with CIS Control 5.2 (Data Protection) and NIST SP 800-53 (Data Security).
Data Loss Prevention (DLP): Implementing DLP solutions to detect and prevent the unauthorized exfiltration of sensitive data. This aligns with CIS Control 5.2 (Data Protection) and NIST SP 800-53 (Data Security).
Encrypted email is an important component of Data Loss Prevention (DLP) and is covered by several key regulations, including the CIS controls, ISO 27001, and NIST. Specifically, CIS controls 7 and 12, ISO 27001 section A.9, and NIST Special Publication 800-171 all recommend the use of encryption for protecting sensitive information transmitted via email.