The title of this part of the blog series isn’t entirely truthful, but to be fair, that was on purpose. In radical candor, antivirus still has a place in the security strategy for your business. However, as the title subtly hints, it is no longer enough for companies to rely solely on antivirus.
“The layered approach is just like using a seat belt and an airbag – they both help keep you safe, but they work in different ways.”
The confusing world of layered protection.
AntiVirus (AV), Next-Generation AntiVirus (NGAV), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and Moving Target Defense (MTD) are some of the ways to secure your workstations and servers. As it does for most people, this can seem overwhelming if you aren’t a security or IT expert. Fear not! Here is a quick synopsis of what each solution does at a high level:
AntiVirus – An antivirus is software used to detect, prevent, and remove malware from a computer or network.
Next-Generation AntiVirus – A type of antivirus software that uses advanced technologies such as machine learning and artificial intelligence to detect and prevent malware threats more effectively than traditional antivirus solutions.
Endpoint Detection and Response – A security approach that continuously monitors and analyzes network activity to identify and respond to cyber threats.
Extended Detection and Response – A security approach that involves integrating and analyzing data from multiple sources, including endpoints, networks, and cloud environments, to identify and respond to cyber threats.
Moving Target Defense – A cybersecurity strategy that constantly changes a system’s attack surface, making it more difficult for attackers to find vulnerabilities to exploit.
Which path should I choose?
Before we answer that question, let’s point something else out. If you were a keen observer above, you might have seen that we indicated what the solution actually was as we laid out the various types of protection; if you missed that, no worries. We will review it right now and explain why it’s essential.
Each of the antivirus solutions mentioned is a type of software.
Why it’s important
AV and NGAV software can be easy to install and manage for a lean IT group or a tech-savvy business. There is typically also support that can help you remediate threats if needed.
Each of the endpoint detection solutions mentioned is a type of security approach.
Why it’s important
EDR and XDR will typically require some real security expertise and knowledge. These security approaches may not suit even the savviest of businesses or lean IT groups if they lack the appropriate in-house security expertise.
Each of the advanced defense solutions mentioned is a type of strategy.
Why it’s important
Much like the EDR and XDR solutions, MTD is aimed even more squarely at security professionals. It requires a high level of expertise to implement and run advanced systems like MTD.
Since this series is aimed at small and medium-sized businesses that may not have dedicated internal and external IT staff, we will discuss only Next Generation AntiVirus. However, the principles below would apply to any software, approach, or strategy for your business.
You get what you pay for.
Much like our earlier post, Get a Real Email Solution, you get what you pay for. However, endpoint security, and security for your business generally, is a bit more than picking the right product and installing it. The general guidelines below can help you find the appropriate path forward to start addressing endpoint security within your business.
Adopt a real solution.
If you are still using that bundled antivirus that came with your computer or a free antivirus you downloaded from the internet, this section is for you. While there are some great free antivirus solutions on the market today that can offer some form of protection, they all have some limitation that makes them unsuitable for a real business environment. The following two items in this section address these directly.
Your small or mid-sized business should understand what specifically you need to protect on your endpoints before making a decision.
Check out this Gartner Quadrant report from Microsoft on endpoint protection solutions for a snapshot of relevant leaders in this space. Many of them offer solutions for businesses of all sizes.
Standardize on an endpoint security tool.
Admittedly, more important than which endpoint solution you pick is the fact that everyone should standardize on that one solution. Allowing people to use whatever tool they choose is somewhat of a self-defeating effort, as your security is only as good as the weakest point. If a standard is not established, it leaves room for weaknesses to enter your security strategy and make it all for naught.
Also, if you have different operating systems like Windows, Mac, and Linux, you will need to get a solution that can cover them all and support the core features.
Make sure your endpoint security is managed and monitored.
This is a big one. Even more important than standardizing is ensuring your solution is managed and monitored. Much like an alarm system on a house or alarms that indicate potential shoplifting in a store, security alerts are simply noise if they are not monitored and enforced. And this blog series is about cutting through the noise, is it not?
Many of the newer Next-Generation Antivirus (NGAV) tools come with a dashboard that can show the health of your endpoints in a single pane of glass. This is perfect for giving you insight and letting you track what is happening in your business. However, there is something you really need to ask yourself: Do you, or does someone in your business, have the ability to run this and respond to alerts? And how much commitment will it take to maintain that level of health for those endpoints?
As mentioned earlier, your business’s security should be recognized as a holistic journey. That journey should be highly personalized with careful considerations regarding potential threats to your business, employees, and customers. While there is no one-size-fits-all security solution, we hope this article gets you further along in your journey.
How StrataNorth can help.
If you are ready to transform your business’s security landscape and are looking for experts to guide you, StrataNorth has security consultants with decades of experience. We can help you reach security nirvana and give you a roadmap for success. Reach out for a no-cost, no-obligation chat with a security expert today.