Skip to content
English
Sign in
Go to expressbadging.com
  • There are no suggestions because the search field is empty.

Endpoint Protection Policy

eXpress badging® maintains a management-approved Endpoint Protection Policy to safeguard internal systems against malware, ransomware, and sophisticated threats.

🛡️ eXpress badging® Endpoint Protection Policy (Workstations, Servers, Mobile Devices)

Summary:
We deploy Datto AV, Datto EDR, and Microsoft Defender Antivirus across our environment, all aligned with the NIST Cybersecurity Framework (CSF) 2.0.

👔 Management Oversight & Communication

  • Approved by Executive Leadership and reviewed annually.

  • 📢 Communicated during onboarding and reinforced via periodic training.

  • 👤 Policy Owner: Technical Operations Lead, accountable for deployment, monitoring, and review.

🔐 Protection Stack Overview

🧩 Datto Antivirus (AV)

  • Next-generation antivirus with AI/ML threat detection.

  • Real-time scanning and ransomware blocking.

  • NIST CSF Alignment: Protect (PR) & Detect (DE).

🔍 Datto Endpoint Detection & Response (EDR)

  • Behavior-based detection with continuous monitoring.

  • Automated containment & remediation.

  • NIST CSF Alignment: Identify (ID), Detect (DE), Respond (RS), Recover (RC).

🌐 DNS Filtering

  • Prevents endpoints from connecting to malicious, phishing, or command-and-control domains.

  • Works at the network layer, blocking threats even before files are downloaded or payloads execute.

  • Adds an extra layer of defense against zero-day threats and social engineering attacks.

  • NIST CSF Alignment: Protect (PR) & Detect (DE).

🛰️ Managed Security Operations Center (SOC)

  • eXpress badging® leverages a Managed SOC to provide continuous monitoring of all security tools and network activity.

  • The SOC team provides 24/7 oversight, correlates threat intelligence, and escalates incidents for rapid response.

  • Combined with fully managed IT services, this ensures our antivirus, EDR, DNS filtering, firewall, and backup systems are monitored, tuned, and remediated proactively.

  • NIST CSF Alignment: Detect (DE), Respond (RS), Recover (RC), Govern (GV).

🪟 Microsoft Defender Antivirus

  • Built-in, enterprise-grade AV for Windows.

  • Features: AI-driven real-time protection, tamper protection, controlled folder access, cloud-delivered intelligence.

  • NIST CSF Alignment: Protect (PR) & Detect (DE).

📊 NIST CSF 2.0 Alignment

NIST Function Endpoint Controls
🆔 Identify Asset classification & management (Defender tagging).
🛡️ Protect Real-time AV, tamper protection, ML threat prevention.
🔎 Detect Datto EDR monitoring, Defender scans, event logs.
🚨 Respond Automated isolation, process termination, ransomware rollback.
🔄 Recover EDR rollback & remediation workflows.
⚖️ Govern Executive approval, policy owner, quarterly reviews.

📈 Review, Reporting & Testing

  • 🖥️ Dashboards monitor AV/EDR health and threat activity.

  • 📆 Quarterly reviews validate policy effectiveness and track remediation.

  • 🎯 Testing: Simulated phishing & malware exercises confirm readiness.

🧱 Summary of Controls

Layer Purpose
🧩 Datto AV AI-driven prevention for workstations & servers
🔍 Datto EDR Behavior-based detection & recovery
🪟 Defender AV Built-in Windows antivirus, advanced features
👔 Oversight Policy owner, executive approval, EOS accountability

📖 Related Documentation

Last Updated: (set date)