Endpoint Governance

Branch Fleet Baseline

A hardened, monitored baseline for branch laptops, tellers, and shared kiosks that audit always asks about.

ImplementationImplementation: 5-8 weeks

FormatManaged baseline + reviews

Annual price₩41,000,000

What it does

Branch endpoints carry distinctive risk: shared logins, kiosk lockdown, intermittent connectivity. CrestNode ships a baseline configuration tuned for KR branch banking — kiosk shell, USB control, screen-saver attestation, after-hours sweep — with monthly drift reports and quarterly hardening reviews.

Inclusions

Pre-tuned kiosk and teller laptop baselines for shared-login environments
Granular USB and removable-media control with exception ledger
After-hours sweep with screenshot-free evidence capture
Branch-tier monthly drift report (no headquarters noise)
Quarterly baseline hardening review with line-item changelog

Outcomes after rollout

01 Bring branch endpoints to a consistent baseline within the first 30 days
02 Catch shared-login policy violations the same evening they occur
03 Replace branch screen-saver attestation paperwork

Common questions

From clients

The after-hours sweep was the part our auditors latched onto. We had been doing this manually with a spreadsheet for three years.

Lead on this module

Han Ji-won, Compliance Strategist

Eleven years aligning regional bank policy frameworks with FSC and FSS expectations. Builds the control libraries that shape every CrestNode rollout.

Schedule a scoping call

No obligation. KR business hours, English or Korean.

Previous ← Device Risk Remediation Flow Next Access Control Validator →