Business
Focused
Technology

2020 New Antivirus Software Solution

Late last year, a few incidents occurred that made us reevaluate how we are protecting our clients’ networks. The incidents – like many others – started with a malicious email that was opened by an employee.  In the past, this would have resulted in a network share or multiple network shares being encrypted that we could then restore relatively quickly from backups. This time, however, the effects were much more devastating.
Not only did the Malware encrypt sensitive files and ask for a ransom, but it also effectively compromised every machine on the network. Backups were safe and accessible; the problem we now faced was re-installing every workstation on the network. While the workstations were backed up, there was not enough bandwidth to recover all the machines simultaneously or within a reasonable amount of time – meaning the servers would take the priority.
So, the task was restoring servers while simultaneously creating a brand-new network as we applied new images and operating systems to the workstations. This took at least 4-6 people working constantly, through nights and over weekends, to bring our clients’ networks back up to a usable state.
The game had changed as we know it. While backups have always been and will always be the key to business continuity and disaster recovery, a new reality is setting in that prevention is more important than ever. Most network compromises are coming through employees via email and websites.  Company network compromises are getting more debilitating and while backups are there to save the day, the time to recover from these scenarios is getting longer and longer.
IT360 has already started taking steps to detect these attacks before they happen. First, we have replaced everyone’s anti-virus with a new, more complete solution. The solution not only looks at signatures but also behaviors to stop infections before they grow and take over the network.
This anti-virus software is much more aggressive and will unfortunately block some programs that aren’t necessarily viruses. We are working to whitelist these false positives.  When an infection happens, we can isolate points where the infection started and then roll back files more quickly in the event of a compromise.
This is only one piece of what we believe is the total solution.  There are two more that every company should be implementing.

Security Awareness Training:

From a network vulnerability standpoint, your employees are the weakest link. Educating employees on what to look for in email and websites is more important than ever, and the second point of prevention. Training your employees once and hoping it will stick will not cut it. The bad guys are honing their skills daily and your business needs to be able to keep the same pace. It is important to not only train but also test your employees on a consistent basis to make sure they understand safe behavior from a security standpoint. Without proper training and testing, there is a high likelihood your network will eventually become compromised. HR policies will need to also be considered for those repeat offenders that continue to fail the testing and ultimately put your company at increased risk.

Managed Security Services:

The third area of prevention and detection is security operation services.  This is very similar to anti-virus software but takes things a step further to not only watch the computers, but the network. All traffic in-and-out of your network is logged, parsed, and anomalies in traffic are monitored for malicious activity. Behaviors are watched along with connections to known bad servers and IP addresses on the Internet. When an alert is raised and acted upon, further compromise of your systems can be halted.
Cyberattacks, malware and ransomware are an unfortunate constant threat in today’s day and age.  The time to recover from these threats is getting longer without the right protections in place.   At IT360, we are constantly surveying the threat landscape and providing solutions to keep our customers’ networks running as smoothly as possible.

President, Transportation Company

Your technical support team has always been able to handle our needs quickly, efficiently, and patiently. We appreciate your timeliness and the hours you have saved us. It is great to know that we have people at IT360 capable to provide solutions to our problems.

President, Transportation Company

Recent
Technology News

IT 360 News
Yahoo Suddenly Rises in Popularity in Q4 to Become the Most Impersonated Brand in Phishing Attacks

Completely absent from the top 10 brands for more than two years, Yahoo’s impersonation may indicate that scammers are looking for new attack angles using lesser-used brands. Yes, of course, Yahoo is anything but insignificant. With revenues topping $8 billion, the search engine giant is still quite relevant today. But in the world of phishing attacks using […]

Read more
IT 360 News
BEC Group Launches Hundreds of Campaigns

A business email compromise (BEC) gang has launched more than 350 attacks against organizations in the US, according to researchers at Abnormal Security. The threat actor, which Abnormal Security tracks as “Firebrick Ostrich,” conducts open-source reconnaissance on their targets in order to construct their scam. “In contrast to other forms of financial supply chain compromise […]

Read more