Skip links

Setting up device trust to secure the workforce

Endpoint Protection Challenges

With an estimated 70% of breaches on endpoints (laptops, workstations, servers, and mobile devices), businesses need to gain insight into the devices connected to both network and cloud applications. Businesses need to be able to trust the devices that connect to resources holding sensitive information.

So how is it that you can determine whether the endpoints connecting to your organisation’s resources are trustworthy?

Ask yourself a few short questions:

  • Can you automatically notify users about outdated software to reduce your help desk tickets or block devices that have been compromised? Or Quarantine files deemed to be malicious from causing a network-wide infection?
  • Can you enforce endpoint controls on potentially risky or corporate-owned devices? What about third-party or contractor-owned devices connecting to your network?
  • Can you enforce access policies based on application risk, or if the device is classified as healthy and compliant with security policies?

Gaining Trust in Endpoints

To effectively build trust in user devices, organizations should set up device-based policies to prevent access by risky or unknown devices. By ensuring that the device is healthy and compliant with security policies, you can ensure that it is trusted. key components of the Cisco Zero Trust security approach.

Cisco implements Zero Trust with a three-tier approach to the entire workforce, workload, and workplace through:

  1. Establishing the trust of a user, device, application, etc. before granting access or allowing connections or communications.
  2. Enforcing trust-based policies with detailed controls based on changing contexts, such as the security of devices and the behaviour of applications
  3. Continuously verifying trust by monitoring for dangerous devices, non-compliance with guidelines, behavioural deviations and software vulnerabilities

With Duo and Cisco (AMP) Advanced Malware Protection for endpoints, organizations have the tools to effectively build trust in users’ devices that connect to protected applications. Preventing, detecting and reacting are important elements when considering the devices’ confidence in a zero confidence safety approach for the workforce.

More on Cisco (AMP) Advanced Malware Protection here – https://re-solution.co.uk/security-amp

Trust through protection and discovery

Setting up trust goes beyond managing device status and involves checking the device and controlling access based on risk assessments to ensure that only flawless devices that match your security controls gain access to your business systems. With Duo Trusted Endpoints, you can enforce controls and policies to prevent dangerous endpoints from accessing your applications.

This includes devices that are not managed. Do not meet the operating system requirements. Status of enabled security features (configured or disabled); full Disk Encryption.

AMP for Endpoints provides endpoint protection, advanced endpoint detection and response capabilities, and a holistic view of your endpoints, regardless of the operating system. AMP continuously monitors and analyzes all file and process activity on your network to find and automatically blocks threats that other solutions overlook. It has more than 15 built-in protection and detection mechanisms to prevent threats from affecting your business. With just a few clicks in AMP’s browser-based management console, file execution on all endpoints can be blocked. AMP knows every other endpoint the file has reached, so the file can be quarantined for all users.

Integration between Duo Security and AMP for endpoints

Adding AMP to endpoints as a trusted endpoint in Duo provides the ability to protect applications from devices identified by AMP as malware-infected endpoints, Prevents access to applications containing sensitive data and reducing the risk of data loss.

The Duo Access Policies allow administrators to completely block access to devices marked by AMP without completely blocking the user. That way, they can access applications from an alternate device to ensure continued productivity.

By automatically isolating and blocking vulnerable devices, organizations can quickly resolve potential threats and reduce their risk footprint without completely impacting user productivity.

Duo and AMP provide enterprises with comprehensive tools to prevent, detect, and respond to potential endpoint threats, increasing overall confidence in these devices.

Learn more about DUO here and AMP above with complimentary trials available on both.

https://re-solution.co.uk/security-duo

Get in contact | Cisco ACIApplication Centric Infrastructure

Let's have a chat about your current set-up and understand how best we can help you with your SDN requirements.

Free trial | Cisco AMPAdvanced Malware Protection

We will set-up a trial of Cisco Advanced Malware Protection for you and deliver reports on how it is working for your organisation.

Free Trial | Cisco DUOAdvanced MFA and User Security

We will set-up a trial of Cisco DUO for you and deliver reports of how it is working for your organisation.

Free trial | Cisco CESCisco Email Security

We will set-up a trial of Cisco Email Security for you and deliver reports of how it is working for your organisation.

Request a demo | Cisco ISEIdentity Services Engine

Let's have a chat about Cisco ISE and understand how best we can help you with your endpoint visibility and policy enforcement.

Get in contact | Free IT Audit

We'll carry out a complimentary infrastructure audit and provide you with our recommendations. 

Get in contact | Cisco Easylease

Let's have a chat about your requirements and understand how best we can help you.

Get in contact | Cisco FlexpodConverged Infrastructure

Let's have a chat about your current set-up and understand how best we can help you with your Converged Infrastructure requirements.


Get in contact | Cisco HyperfelxCore and Edge computing

Let's have a chat about your current set-up and understand how best we can help you with your Core and Edge computing requirements.

Get in contact | Cisco MDSStorage Area Networks

Let's have a chat about your current set-up and understand how best we can help you with your SAN switching requirements.

Get in contact | Cisco Meraki CamerasCloud Managed Smart Cameras

Let's have a chat about your current set-up and understand how best we can help you with your Smart Camera requirements.

Get in contact | Cisco Meraki SD-WANSoftware Defined Wide area network

Let's have a chat about your current set-up and understand how best we can help you with your SD-WAN requirements.

Get in contact | Cisco Meraki SecurityNext Generation Firewall

Let's have a chat about your current set-up and understand how best we can help you with your security requirements.

Get in contact | Cisco Meraki Systems ManagerMobile and Desktop Management and Control

Let's have a chat about your current set-up and understand how best we can help you with your Mobile and Desktop Management and Control requirements.

30 Day Trial | Cisco Meraki Systems ManagerMobile and Desktop Management and Control

Let's have a chat about your current set-up and get you set-up with a free 30 day trial of Cisco Meraki Systems Manager.

Get in contact | Cisco Meraki Switches

Let's have a chat about your current set-up and understand how best we can help you with your switching requirements.

Free Access Point | Cisco Meraki WirelessWhen you join a webinar

Watch a Cisco Meraki Webinar and learn about the technology and receive a complimentary Access Point courtesy of Cisco Meraki.

Get in contact | Cisco Meraki Wireless

Let's have a chat about your current set-up and understand how best we can help you with your wireless requirements.

Get in contact | Cisco NexusDatacentre Switching

Let's have a chat about your current set-up and understand how best we can help you with your datacentre switching requirements.

Get in contact | Cisco NGFWNext Generation Firewall

Let's have a chat about your current set-up and understand how best we can help you with your firewall and network security.


Get in contact | Free IT Audit

We'll carry out a complimentary infrastructure audit and provide you with our recommendations. 

Get in contact | Cisco on premise

Let's have a chat about your business and what you want to achieve and understand how best we can help you.


Get in contact | Cisco UCSUnified Computing System

Let's have a chat about your current set-up and understand how best we can help you with your UCS requirements.

Free trial - Cisco UmbrellaAdvanced DNS Security

We will set-up a trial of Cisco Umbrella for you and deliver reports on how it is working for your organisation.