"... I was immediately back in business! As always, Endsight was very helpful and courteous."

- Loretta D. Customer review

Banners feature clients and employees of Endsight

Quote by Loretta D
In photo: Justin T, Igor K, & Jyan O
Photo by Aaron Y
Photo location: Endsight Berkeley office

Security Products & Services

Security is built into the very fabric of everything we do in relation to managing IT. For the past several years, Endsight has been recognized as an industry leader in security by winning the CRN's Managed Services Provider 500 award in the Security 100 category. The following are each of products and services related to security.

Table of Contents

(click a link in the table to jump to section)

Products included in all plans for all customers:

Basic Asset Management and Vulnerability Scanning/Reporting

The core of any security is knowing what we’re securing, and as such Endsight has a product that we include in all our plans – Basic Asset Management and Vulnerability Scanning/Reporting. This product is installed on all computers (not network infrastructure like switches and firewalls) and maintains several pieces of information about the computer and the software on it. Once that list is built, our product references known vulnerabilities from master lists online and complies reports of items that need addressing. For those items that are within our scope to patch and update (things like Adobe Reader, Java, and other third-party programs discussed elsewhere), Endsight discusses with our partners which programs we should update automatically. For vulnerabilities outside our scope, our Technical Account Management team can build a plan to manage them in a more holistic, designed way, rather than ad-hoc as they come up.

(return to top)

Security Dashboard Access

Our spectacular development and security teams have built a completely from scratch PowerBI dashboard of common security metrics for our clients, curated by our Security Architect. Clients with a license of PowerBI can view frequently updated data about security items like patching levels, endpoint protection, Microsoft Secure Score, and DNS security, among others. We also have a live report on currently supported operating systems. Our Technical Account Managers can use this as a discussion point to develop and monitor security progress, and our partners frequently use this dashboard for auditing purposes, both internally and externally. Partners without a PowerBI license can also receive exports of this data emailed to them on a scheduled basis. Both versions of access to this dashboard are included in all Endsight plans; the access is limited only to Microsoft licensing.

(return to top)

Endsight Security Fundamentals Review

Our security teams has curated a specific set of questions and data points to evaluate on a performance review. These questions are integrated into our general technology review to ensure that our partners have a good basis on the standard cybersecurity fundamentals. Items like MFA adoption, EDR/MTR adoption, and phishing training are all included, as well as a deeper dive into specific issues like lifecycle management. These questions combine with the Security Dashboard to help partners have a good handle on the basics of cybersecurity as well as a plan to get beyond just ‘the basics’. These reviews are included in all of our plans that contain IT strategy consulting.

(return to top)

Email Protection

Email protection is a baseline requirement of email today. Endsight’s partners with appropriate licensing (Microsoft 365 Defender) are entitled to a setup and configuration of our standard email protection policies. These include:

  • Spam protection
  • Phishing protection
  • Spoofing protection
  • Malware protection
  • Attachment protection
  • Link scanning and protection

Endsight has curated and tuned policies to be functional but also protective for our clients using the 365 infrastructure, and we’ve tested them across multiple environments. For partners with licensing including Microsoft 365 Defender (most commonly Microsoft 365 Business Premium), initial setup of these policies is included in all p protection lans. For partners using alternative email, initial setup and ongoing support is provided in accordance with the selected plan.

(return to top)

Endpoint Antivirus

Though Endsight extremely strongly recommends a Managed Threat Response/Endpoint Detection and Response combination, we recognize that isn’t always in the budget for everyone. Our organization feels the importance of Antivirus is great enough that we include it in every plan we offer. Though Antivirus is the legacy method of protecting assets from threats and doesn’t offer any protection against modern issues such as ransomware and data exfiltration; it’s still a requirement for any computing environment.

(return to top)

Patching (First-Party)

Windows Updates are critical to any organization’s security posture, and should be basic support for any MSP, as it is for Endsight. Not only do we use the Windows Update native tools to manage updates, we also use PSWindowsUpdate and our RMM and asset management tools to ensure multiple points of data on Windows Update status. We’ve also built version reporting into our security dashboard, and we highlight out of date computers.

(return to top)

Patching (Third-Party)

Endsight maintains a list of supported third party products that we patch automatically and keep up to date. Vulnerability management relies heavily on keeping as much software up to date as possible, and we’ve made our list as large as we feel we can support so all of our clients have as much software updated as possible. Though it will never be possible to manage all vulnerabilities or patch all software automatically, Endsight has a patching tool, we report on patching success, and we have procedures in place to assist our account management team in ensuring software that cannot be automatically patched is remediated manually.

(return to top)

Web Filtering

Endsight includes a license of our web filtering product for all clients on all plans. We’ve also configured our global policy for basic web filtering, specifically focusing on security. We block known malware sites, known command and control servers, and unspecified, unknown software and IP addresses. This basic level of web filtering is another layer of security that helps keep end users secure.

(return to top) 

Endsight recommended security suite:

Phishing Testing and Training

Endsight believes strongly that humans are the most important part of security. Humans are the weakest link to be protected and the strongest weapon in a monitoring arsenal. To that end, Endsight recommends phishing training and associated security training for users. We send fake phishing emails to partners and monitor which users fall for the ‘scams’. These users are reactively trained, as well as all users being proactively trained every quarter. Continual phishing testing and training keeps users aware of security threats in the modern world and greatly reduces human error – the most common cause of security incidents.

(return to top)

Inbound DNS Proxy

Partners using Endsight’s preferred DNS provider are offered additional protection with Cloudflare’s inbound DNS proxy. This technology inherently protects websites and other public services from various Internet attacks like DDoS and scripting weapons. Though not all DNS entries can be proxied, those that can benefit from greatly enhanced security and uptime.

(return to top)

Intune/MDM Policy Setup (Requires an Intune License)

Endsight’s unique situation with a large clientbase allows our security team to have a wide range of experience across many platforms. One commonality we’re seeing is a requirement for hardened security baselines from insurance companies. Microsoft’s Intune allows for a hardened setup for Windows workstations, enabling hundreds of recommended security settings to be configured at once and managed globally. This both satisfies insurance requirements and greatly enhances the security posture of an organization’s workstations.

(return to top)

Annual vCISO Review

As a component of a living security policy, Endsight recommends annual strategy and review sessions with our vCISO. Though the scope of work is continually evolving as the global threat landscape does, our sessions always include a review of the current environment, updating appropriate technologies to our current standards, and a review, discussion, and planning session between our partners and our vCISO. This helps keep partner organizations up to date, compliant with their own standards and baselines, and helps eliminate security holes as the organization evolves.

(return to top)

DNS Protection (with Reporting)

DNS protection allows an Endsight to control which areas on the Internet a computer can ‘look up’ and thus communicate with. This protection greatly reduces the amount of malware that can be downloaded, the command and control (C2) servers that can be communicated with, and where data can be sent or retrieved from. As another layer in the security onion, reducing the ability of attackers to resolve their malware and exfiltrate data is a capability Endsight strongly recommends. This product also comes with the ability to report on blocking activity, domain resolution, and protection effectiveness. We at Endsight consider this a ‘protection multiplier’ – greatly enhancing the protective power of other solutions.

(return to top) 

Endpoint Protection and SOC (MTR)

As mentioned in our Antivirus product, Endsight firmly believes that standard antivirus is no longer sufficient to protect computers in the modern threat landscape. All security organization now recommend an Endpoint Protection and Response (EDR) product at a minimum. Where a legacy antivirus product relies on a ‘list’ of blacklisted items, EDR is a behavioral analysis product, relying on artificial intelligence and machine learning to determine if actions being taken on a computer are suspicious or malicious. With this increased amount of data, a Security Operations Center (SOC) is used so actual humans are involved in the analysis of and response to the data. These products are combined into a Managed Threat Response (MTR) product, which is Endsight’s most critical, strongest recommendation for endpoint protection for our partners.

(return to top) 

Additional products and services available to customers

Endsight also has a well developed portfolio of additional security products and services available for our clients to support a wide range of individual situations for businesses today.

SaaS Protection/Endpoint Backup

The ability to backup individual workstations in addition to central file and data repositories for increased data security for a distributed workforce.

(return to top) 

Web and Application Control

Security for web applications developed for partners. Endsight can protect and firewall a custom developed web application to enhance its security.

(return to top) 

Cloud Protection

Endsight can deploy Microsoft’s protection technologies in the Azure environment to further protect the platform and data residing inside from malware and attacks.

(return to top) 

Customized Security Awareness Training

Endsight can create and present training specific to our partners to meet any specific security training needs.

(return to top) 

Data Loss Prevention

Endsight can configure several types of DLP technology so our partners have more control over the location and transmission of their data.

(return to top) 

DMARC Reporting

DMARC is a reporting mechanism to assist with spam protection and mail flow control. Endsight can deploy this reporting to grant increased visibility into mail flow and potential issues to ensure partner mail always flows well.

(return to top) 

IR/BCP/DR Plan Testing and Implementation

Endsight has a great deal of experience creating, maintaining, and implementing Incident Response, Business Continuity, and Disaster recovery plans.

(return to top) 

SEIM (Log Aggregation/Correlation and Analysis)

SEIM usage allows our partners to aggregate logs from many sources, providing a holistic view of network activity and allowing better intelligence on threat management. This is likely the next upcoming security technology that will be added to our recommendation list, once the security community can price and wield the technology effectively.

(return to top) 

Penetration Testing

Endsight works with several technology partners to enable penetration testing for clients who require it, ensuring outside attack surfaces are as minimal as possible.

(return to top) 

Policy Writing and Review

Endsight has a great deal of experience writing policies as well as plans. Acceptable Use, Data Storage, and technology procurement policies are commonly written, as well as many others.

(return to top) 

Regulatory Compliance Review

Occasionally, one of Endsight’s partners requires assistance with CMMC, NIST, PCI, or HIPAA compliance, or several others. Endsight can guide our clients through these processes.

(return to top) 

Server Disk Encryption

Although far less common than workstation encryption, server disk encryption is occasionally a requirement for our partners. Endsight does this ourselves, and has implemented this for partners on several occasions.

(return to top) 

Click me

Learn more

Free Cybersecurity Training