Policy enforcement
Once you finish building your security policy, it is time to enforce it, and this enforcement will take place by using different technologies according to the company’s needs. Ideally, you will have an architecture diagram of your network to understand fully what the endpoints are, what servers you have, how the information flows, where the information is stored, who has and who should have data access, and the different entry points to your network.
Many companies fail to enforce policies fully because they only think of enforcing policies at endpoints and servers.
What about network devices? That’s why you need a holistic approach to tackle every single component that is active in the network, including switches, printers, and IoT devices.
If your company has Microsoft Active Directory, you should leverage the Group Policy Object (GPO) to deploy your security policies. These policies should be deployed according to your company’...