Business
Focused
Technology

IT360
IT360

Quick Links

gear service ticket iconStart a service ticket

2020 New Antivirus Software Solution

Late last year, a few incidents occurred that made us reevaluate how we are protecting our clients’ networks. The incidents – like many others – started with a malicious email that was opened by an employee.  In the past, this would have resulted in a network share or multiple network shares being encrypted that we could then restore relatively quickly from backups. This time, however, the effects were much more devastating.
Not only did the Malware encrypt sensitive files and ask for a ransom, but it also effectively compromised every machine on the network. Backups were safe and accessible; the problem we now faced was re-installing every workstation on the network. While the workstations were backed up, there was not enough bandwidth to recover all the machines simultaneously or within a reasonable amount of time – meaning the servers would take the priority.
So, the task was restoring servers while simultaneously creating a brand-new network as we applied new images and operating systems to the workstations. This took at least 4-6 people working constantly, through nights and over weekends, to bring our clients’ networks back up to a usable state.
The game had changed as we know it. While backups have always been and will always be the key to business continuity and disaster recovery, a new reality is setting in that prevention is more important than ever. Most network compromises are coming through employees via email and websites.  Company network compromises are getting more debilitating and while backups are there to save the day, the time to recover from these scenarios is getting longer and longer.
IT360 has already started taking steps to detect these attacks before they happen. First, we have replaced everyone’s anti-virus with a new, more complete solution. The solution not only looks at signatures but also behaviors to stop infections before they grow and take over the network.
This anti-virus software is much more aggressive and will unfortunately block some programs that aren’t necessarily viruses. We are working to whitelist these false positives.  When an infection happens, we can isolate points where the infection started and then roll back files more quickly in the event of a compromise.
This is only one piece of what we believe is the total solution.  There are two more that every company should be implementing.

Security Awareness Training:

From a network vulnerability standpoint, your employees are the weakest link. Educating employees on what to look for in email and websites is more important than ever, and the second point of prevention. Training your employees once and hoping it will stick will not cut it. The bad guys are honing their skills daily and your business needs to be able to keep the same pace. It is important to not only train but also test your employees on a consistent basis to make sure they understand safe behavior from a security standpoint. Without proper training and testing, there is a high likelihood your network will eventually become compromised. HR policies will need to also be considered for those repeat offenders that continue to fail the testing and ultimately put your company at increased risk.

Managed Security Services:

The third area of prevention and detection is security operation services.  This is very similar to anti-virus software but takes things a step further to not only watch the computers, but the network. All traffic in-and-out of your network is logged, parsed, and anomalies in traffic are monitored for malicious activity. Behaviors are watched along with connections to known bad servers and IP addresses on the Internet. When an alert is raised and acted upon, further compromise of your systems can be halted.
Cyberattacks, malware and ransomware are an unfortunate constant threat in today’s day and age.  The time to recover from these threats is getting longer without the right protections in place.   At IT360, we are constantly surveying the threat landscape and providing solutions to keep our customers’ networks running as smoothly as possible.

Partner, Law Firm

We hired IT360 as our computer hardware and software computer consultants when the company first went into business. Since then, they have helped us purchase new software and hardware equipment that we have instituted into the law firm. Any time we needed them to be there they have been. They have solved all of our problems including: stand alone computers, networking issues, Internet access issues, and software. I would highly recommend IT360 to anybody who needs help in these areas.

Partner, Law Firm

Recent
Technology News

IT 360 News
Threats and Infrastructure

From Arctic Wolf SUMMARY On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyberattacks on vital U.S. infrastructure in […]

Read more
IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more