The Basics of Securing Workstations: Physical

In this blog page, we are going to take a look at what is an endpoint device, what are three levels of security, the areas cybercriminals are most likely to target, and lastly how to harden our workstations.

What is an endpoint?

An endpoint is a client machine that is linked to a network system and allows the user to receive data over the network. Endpoint term often refers to desktop and notebook computers, as well as mobile computing electronic devices and smartphones.

Hardware is where device hardening efforts begin. Our efforts, however, extend to the local host’s OS, system files, and programs.

Three levels of security in endpoint devices

Endpoint devices can be secured using three levels of protection:

1-) The external perimeter is the area around the actual item and its housing (hardware).

2-) The device’s operating system and software applications should be considered the inner perimeter (software).

3-) The device or item’s innards is made up of intellectual digital assets, like data derived, acquired, and saved in the database digitally in the device (data).

Three areas of gaining access to data

There are three general areas where cybercriminals can get access to computers and smart control devices:

1-) When data is in use, which is also referred to as in memory.

2-) When they are stored on storage media which is also referred to as at rest.

3-) While they are being transited from one area to the other which is also referred to as “in transit”.

How to secure endpoint devices?

Controlling access to endpoint devices is the first level of security. What you can’t get to can’t be damaged, destroyed, or stolen. This is also true for smart computers and control devices. So, the first step is to limit physical access to the devices as much as possible.

House your servers, smart control devices, or microcontrollers in secure, locked containers to which only those with keys have entrance.

You must also secure the peripherals of the devices. Many electronic systems’ have fundamental input instruments which are called peripherals. Some examples are keyboards, mouse, or touch-sensitive screens. These peripherals provide the most evident point of entry through the outside border.


As this page suggests, hardware protection is the most critical aspect of securing workstations. To increase security, we should start by restricting access to our endpoint devices. We should also design workstation security implementations keeping in mind that an attacker’s most profitable aim is access to the interior assets of our device.

Do you want to get practical skills to work in cybersecurity or advance your career? Enrol in MCSI Bootcamps!