The Changing Face of Anti-Virus
Security used to be so simple (we’ve been around a while). Install anti-virus (AV), train employees not to click on unknown links, and keep the software, hardware, and websites up-to-date. Throw in a firewall with some country-filtering and what more could you need? Those days are gone.
Many of us love being able to use a variety of devices and move pretty effortlessly from our office to our car to our home office; we can even access what we need/want from a coffee shop or a public computer. None of these options were in the traditional model: all the computers were on the network and all devices ran through the network, therefore they could all be secure. The most common solutions for work now include a growing number of apps and cloud services, neither of which is under the IT team’s control. Then you have company-specific files, even confidential files, outside your network in solutions like Dropbox or Slack (two examples). Most companies allow BYOD (Bring Your Own Device), which saves the capital cost of purchasing phones and laptops but results in unmanaged devices joining your network and accessing your data. These same devices then add data back to the company systems. Then there are Wi-Fi networks; we could go on, but I think you get the point.
Anti-Virus alone just doesn’t cut it anymore. It’s important, but it’s not enough. AV is designed to look for known signatures and stop them. When AV software is updated with the latest definition files, the newly identified threats become ‘known.’ Basically, something has to be identified as a bad actor before it can be added to these definition files to avoid future compromises. This is a never-ending race with the hackers, and it is difficult to win.
According to a whitepaper by Egnyte, 85% of all breaches involve a human element, and this sentiment is echoed throughout our industry. Our teams are pounded with phishing attempts, business email compromises, lost or stolen credentials, the chronic use of insecure credentials (weak passwords!), and human error. Mobile devices, and I would add home devices, are the weakest link when it comes to IT security since staff members tend to be less cautious when they’re on-the-go or at home.
Here are four (4) of the new risks we’re facing:
So what’s an anti-virus software to do? What else can we do to protect our team members and our company data from this onslaught? We’d like to introduce you to Managed Endpoint Detection and Response (EDR).
The pattern of the threats is changing, so the software protection needs to be more sophisticated. Newer threats don’t have ‘signatures,’ which is what AV solutions use to find the threat in the first place. Managed EDR uses Artificial Intelligence (AI) to stay on top of new threats, and it monitors processes, something traditional AV can’t do.
In the coming months, we’ll move all of the computers we manage from our current AV, which has been very good, to the new EDR solution. Here are a few reasons and outcomes:
We’re in the process of creating our implementation plan, then we’ll provide additional details. We’ll continue to communicate through our newsletters, weekly email updates (Monday mornings!), and directly with you. If you have questions, please reach out and we can talk! – CMW