Quick Start Guide

Read this Quick Start Guide to get going with Kaspersky Endpoint Security Cloud. The Guide contains tips about managing your users and installing security applications on their devices.

Quick start scenario

After you perform the quick start scenario, the devices in your organization will become protected. The quick start scenario contains the following steps:

  1. Create an account

    To start using Kaspersky Endpoint Security Cloud, you need an account on the Kaspersky Business Hub portal. To create an account:

    1. Open your browser and enter the following address: https://cloud.kaspersky.com.
    2. Click the Create an account button.
    3. Follow the onscreen instructions.
  2. Create a workspace

    After you have created the account, you can create your first workspace. We recommend that you first create one test workspace, connect your own devices to it, and test any modifications to the settings, noting the results.

    We recommend that you create a separate workspace for each company that you manage, even if a company only has a few users. In this way, you will be able to do the following:

    • Change settings for each company individually.
    • Keep track of the license count and the increase or decrease of the number of users in the company.
    • Assign administrator rights to a user within the company, who can access that company’s workspace only.

    To create a company workspace:

    1. Open your browser and enter the following address: https://cloud.kaspersky.com.
    2. Click the Sign in button.
    3. Follow the onscreen instructions.
  3. Perform initial setup of Kaspersky Endpoint Security Cloud

    After you create a company workspace, you must perform initial setup of Kaspersky Endpoint Security Cloud. Initial setup starts automatically when you start Kaspersky Endpoint Security Cloud Management Console for the first time.

  4. Define your users, install security applications, and connect the devices

    Once your first workspace is prepared, you can start with following the main setup steps provided in the Information panelGetting started section. These steps include adding user accounts, connecting their devices to Kaspersky Endpoint Security Cloud, and creating an Apple Push Notification service (APNs) certificate (which you need if you want to manage iOS devices).

    These steps are divided into three groups:

    • Preconfigured

      You already took these steps when you created the workspace.

    • Required

      You must take this step to start protection of the devices:

      Add users by providing their email addresses. An invitation is sent to the email address; this invitation holds the download link to the security application. The user's device is recognized when the user clicks the link, ensuring that the proper software is downloaded.

    • Recommended

      We recommend that you take these steps to enhance the protection of devices.

      1. Once the software has been downloaded and installed on the device of the user, assign the user as the device owner.
      2. Create an APNs certificate. The APNs certificate is created in one run. You must follow the steps for its creation without interruption because the signing process has a time stamp, which will expire if the creation process takes too long.
  5. Manage protection

    Next to each user in the Users section, the Default security profile has been assigned. This is the security profile with the default settings as recommended by Kaspersky experts.

    In the Security managementSecurity profiles section, you can create different security profiles (or copy existing security profiles) and assign them to different users. Every new security profile holds the default settings until you modify them. Each security profile holds four tabs for the respective platforms: Windows, macOS, Android, and iOS.

    When creating a security profile, take into consideration the organizational structure of the company that you manage. The security profile for a developer may differ from the one used for a sales representative or a human resources assistant. Name each security profile accordingly.

    We recommend that you prevent users from modifying or deleting the security applications installed on their devices. Therefore, define the following settings:

    • For Windows devices, do the following:
      1. Go to the WindowsAdvancedInterface tab, and make sure that Password protection is enabled.
      2. Select the operations that a user will not be allowed to perform without the password.
    • For Mac devices, do the following:
      1. Go to the MacAdvancedInterface tab, and choose whether you want the Kaspersky Endpoint Security for Mac application icon visible on the menu bar or not.
      2. On each device in system preferences, use the macOS account type settings (admin or standard user) and the Mac, "lock" icon ("lock") icon to prevent the user from removing the software.
    • For Android devices, do the following:
      1. Go to the AndroidSecurity settings tab, and make sure that Screen lock is enabled to protect the device from unauthorized access.
      2. Go to the Advanced tab and make sure that Kaspersky Endpoint Security for Android cannot be removed.
    • For iOS devices, go to the iOSSecurity settings tab, and make sure that Screen lock is enabled to protect the device from unauthorized access.

    After defining the required settings of security profiles, you can assign the security profiles to the intended users.

  6. Specify licenses

    After you have created a workspace for every company, specify the license for each company in the company workspace. Click Information panelLicense, and then enter the activation code.

    The activation code will be distributed automatically to the security applications, which may take 15 minutes, as the applications attempt to sync with the workspace every 15 minutes.

  7. Define other settings

    You can define other optional settings.

    • By default, Idle Scan is enabled for devices running Windows. Autorun objects, system memory, and the system partition are scanned when the device is locked or when the screensaver is active for five or more minutes. If you want, you can additionally click the Settings tab and set the schedule for the virus scan. From the Devices tab, you can start the virus scan task.
    • The security applications mostly use the Kaspersky Security Network cloud service in their operation and to a lesser extent the application’s anti-virus databases. If you want, you can click the Settings tab and set the schedule for the anti-virus database update. From the Devices tab, you can start the anti-virus database update task.
    • From the Settings tab, you can configure which event notifications you want to view in your events overview.

      The information about events is not aggregated. Each event is sent in a separate email message. If you want to configure the delivery of event notifications, be ready to receive a large number of email messages to your mailbox.

    • From the Distribution packages tab, you can download the software directly and prepare new software when it is available. The newly prepared software will then be distributed to newly invited users.

Page top