2020 New Antivirus Software Solution

Late last year, a few incidents occurred that made us reevaluate how we are protecting our clients’ networks. The incidents – like many others – started with a malicious email that was opened by an employee.  In the past, this would have resulted in a network share or multiple network shares being encrypted that we could then restore relatively quickly from backups. This time, however, the effects were much more devastating.
Not only did the malware encrypt sensitive files and ask for a ransom, but it also effectively compromised every machine on the network. Backups were safe and accessible; the problem we now faced was re-installing every workstation on the network. While the workstations were backed up, there was not enough bandwidth to recover all the machines simultaneously or within a reasonable amount of time – meaning the servers would take priority.
So, the task was restoring servers while simultaneously creating a brand-new network as we applied new images and operating systems to the workstations. This took at least 4-6 people working constantly, through nights and over weekends, to bring our clients’ networks back up to a usable state.
The game as we know it had changed. While backups have always been and will always be the key to business continuity and disaster recovery, a new reality is setting in: prevention is more important than ever. Most network compromises are coming through employees via email and websites. Company network compromises are getting more debilitating, and while backups are there to save the day, the time to recover from these scenarios is getting longer and longer.
IT360 has already started taking steps to detect these attacks before they happen. First, we have replaced everyone’s anti-virus with a new, more complete solution. The solution not only looks at signatures but also behaviors to stop infections before they grow and take over the network.
This anti-virus software is much more aggressive and will unfortunately block some programs that aren’t necessarily viruses. We are working to whitelist these false positives.  When an infection happens, we can isolate points where the infection started and then roll back files more quickly in the event of a compromise.
This is only one piece of what we believe is the total solution.  There are two more that every company should be implementing.

Security Awareness Training:

From a network vulnerability standpoint, your employees are the weakest link. Educating employees on what to look for in email and websites is more important than ever, and it is the second point of prevention. Training your employees once and hoping it will stick will not cut it. The bad guys are honing their skills daily, and your business needs to be able to keep the same pace. It is important to not only train but also test your employees on a consistent basis to make sure they understand safe behavior from a security standpoint. Without proper training and testing, there is a high likelihood your network will eventually become compromised. HR policies will also need to be considered for repeat offenders who continue to fail the testing and ultimately put your company at increased risk.

Managed Security Services:

The third area of prevention and detection is security operation services. This is very similar to anti-virus software but takes things a step further, watching not only the computers but also the network. All traffic in and out of your network is logged and parsed, and anomalies in traffic are monitored for malicious activity. Behaviors are watched along with connections to known bad servers and IP addresses on the Internet. When an alert is raised and acted upon, further compromise of your systems can be halted.
Cyberattacks, malware and ransomware are an unfortunate constant threat in today’s day and age.  The time to recover from these threats is getting longer without the right protections in place.   At IT360, we are constantly surveying the threat landscape and providing solutions to keep our customers’ networks running as smoothly as possible.
