We’ve Got This: Endpoint Protection

by | Jul 22, 2020 | Managed Services

These days, organizations are forced to navigate uncertain waters, resources are stretched as thin as ever, and workers are adapting to new workstyles. Through it all, Peters & Associates wants you to know that we have your back. As part of our 6-part webinar series, every two weeks we’ll be sharing solutions for supporting, managing, and securing your IT environment – whether workers are back in the office or working from home. Check out the schedule below to catch up on webinars that you’ve missed or register for our remaining webinars.

On July 22nd, we held our second webinar in our series, Endpoint Protection. During that presentation, we discussed how new security tools are adapting to new threats, how to secure your endpoints when workers are remote, and how Peters & Associates secures our clients’ environments. Read on to get caught up or check out the full recording below.

The Evolution of Anti-Virus Solutions

It’s no secret that the frequency of cyber-attacks is on the rise. According to a November 2019 trend report from RiskBased Security, a security analysis firm, the number of cyber-attacks increased by 33% through the third quarter of 2019 compared to the third quarter of 2018. Further, according to the FBI, the COVID-19 pandemic has resulted in a spike in reported attacks by as much as 300% – leading to 3,000 to 4,000 registered complaints per day. Meanwhile, attackers are using more sophisticated methods to infiltrate organizations. How are security tools keeping up?

In response to increasingly advanced methods deployed by cyber attackers, security vendors have developed a new stance on protecting endpoints from malware. The traditional method of protecting workstations and servers from viruses and malware has been signature-based. Signature, or definition, is the term used by security researchers for the unique identifiers applied to an individual strain of malware. When security analysts discover a new malware strain, they designate the malware with a signature. The signature is then passed down to the anti-virus software on each endpoint. That way, when this strain of malware attempts to infect one of these endpoints, the anti-virus software can recognize it and prevent it from running. For a long time, this model worked well. However, this traditional model has not been able to keep pace with rapid virus development. According to data shared in Verizon Enterprise’s 2016 Data Breach Investigations Report, security researchers found that 99% of malware hashes (or the basis by which signatures identify malware) were seen for 58 seconds or less. In other words, malware is changing more quickly than traditional anti-virus can keep up.

Furthermore, traditional anti-virus relies on file scanning to detect malicious software. The rise of “fileless” or “in-memory” attacks have challenged anti-virus and anti-malware tools. How can anti-virus software account for a piece of malware that no one has ever seen before or malware that can’t be detected by file scanning?

Next-Gen protection solutions take a multi-layered approach to securing endpoints. Like traditional endpoint protection, Next-Gen solutions first rely on threat intelligence feeds to identify malicious software and prevent it from running on the machine. If a malicious program does reach the endpoint, Next-Gen anti-virus solutions use behavioral analysis and machine learning to identify and stop the malware. Next-Gen anti-virus solutions monitor every application, executable, and script running on an endpoint. The software analyzes how potential malware and scripts behave and the resources that they attempt to access. When behavior veers from expected, safe conduct, the Next-Gen anti-virus solution stops the application and rolls back changes that were made.

New Tools for a New Fight

In addition to evolving anti-virus protection, new solutions have emerged to help protect our endpoints and our networks. One such solution is referred to as DNS Protection. DNS, or Domain Name Server, is the function of the internet that translates the website name that you type into the IP Address of the web servers. DNS servers are hosted by internet, security, and hosting organizations across the internet to allow users to traverse the web. Some organizations provide DNS Protection services, which allow for filtering of malicious websites and undesirable content before it even reaches your network.

DNS Protection becomes even more important as workers are more distributed than ever. Whether workstations are in the office or out, connect via VPN or disconnected, all internet traffic is routed through DNS Protection. Thus, providing an additional layer of security to protect your workstations and your network.

Essential Managed Services: Endpoint Protection and Internet Gateway Security

Effective endpoint protection extends beyond leveraging the most advanced defense technologies. You need a team to review alerts, provide analysis of threats, and respond to incidents.

P&A provides managed endpoint protection and DNS protection (Internet Gateway Security) services for workstations and servers. Our team manages the removal of existing solutions, deployment and configuration of the new solution, reporting on threats and usage, and provides a coordinated response to alerts from our endpoint protection tools.

Let our team help you shoulder the load with management of your endpoint security so that you can focus your energy on supporting your employees and advancing your organization.

Looking to Learn More?
  • You can download the slide deck here.
  • Watch the full webinar below