You have a great firewall, and it provides you VPN tunnels, your users enjoy connecting to your critical information from their home computers or BYOD devices all day. So how were you crippled by Ransomware when you have EDR, IPS, IDS and every other security device running on your network? It is because you did not require that your VPN endpoints pass a compliance check. Home computers can be riddled with viruses, malware, and even be under the control of a hacker.
You need to employ a compliance scanner that verifies that your endpoints are qualified to connect to your secure corporate network. System Administrators seldom are concerned with what you have on your home computer and are not interested in controlling, they can however require that a machine follow a set of standards which can range from bios version to presence of antivirus software and presence of non compliant software.
Don’t miss this critical step on having a complete and comprehensive Security Plan. You find these types of compliance checkers in NGFW (Next-Generation Firewalls). The technology will not let people with non-compliant devices connect to your network via VPN or other firewall controlled access methods. This technology is also referred to as device posturing.