Microtrading is now offering Managed Endpoint Detection and Response to clients, allowing them to protect their business like never before. But what does it all mean?
In this article, we’re exploring what EDR is, how it works, what threats it can protect you from and how it can benefit your business.
What are the risks to my business?
It’s easy to think “Do I really need something new? Malware has been around for ages.” That’s true. Adware, ransomware, spyware and the like have been a threat for many years, but we’ve never before seen the volume and sophistication of malicious software that we see now.
The threats are more aggressive than ever, and the techniques being used are always changing. And when they change, antivirus isn’t always ready to protect you.
When a new piece of malware is created and deployed to attack devices, it may go unregistered for a while. Once the new strain is finally identified by the antivirus software vendors, it can typically take up to a week for them to release an update to counter it and keep you safe.
This leaves a significant window in which some of the most dangerous threats can attack your IT before your antivirus has an update for them, and that’s only if you update immediately (see the SolarWinds eBook Five Cyberthreats that Slip Past Traditional Anti-Virus).
So, what’s the solution? Managed Endpoint Detection and Response.
What is Managed Endpoint Detection and Response?
Managed Endpoint Detection and Response, or ‘EDR’, is our next-generation antivirus solution, which prevents, detects and responds to ever-changing threats, and helps systems to recover quickly when an attack has been successful.
An endpoint is any end-user device, such as a desktop, laptop, mobile device, server or virtual environment. Endpoints serve as points of access to an enterprise network and create points of entry that can be exploited through malicious actions.
Next generation detection
Endpoint Detection uses AI (Artificial Intelligence) and machine learning to identify and tackle, in near real-time, attacks on your IT infrastructure that are as yet unknown, commonly referred to as zero-day attacks. Using heuristic techniques, it assesses the behaviour of programs accessing your systems and data. When it detects a program taking suspicious actions, EDR responds.
EDR allows you to respond to these attacks in several ways. It provides a comprehensive set of solutions that minimise any potential impact.
These processes and procedures can be configured to suit your needs, and include:
- Customised policies – planning, planning, planning. EDR has tools to minimise the chances of becoming infected in the first place. It can be used to allow or block endpoint traffic or specific USB devices connecting to your machines, and specify the best automated response.
- Containment – once a threat has been identified, EDR can prevent it from causing any further damage. This involves containing and neutralising an infection and can also include disconnecting an infected machine from the rest of the network.
- Automatic rollback – if the worst happens, and an aggressive piece of malware has caused damage and disruption to your systems, such as a ransomware attack that encrypts your data, EDR can roll back the infected machine(s) to the last time they were ‘healthy’ – moments before the attack. (This applies only to Windows operating systems.)
- Recovery – EDR offers multiple recovery options for you to choose from, ranging from partial recoveries to fully-automated responses.
How can Microtrading help?
We can assess your IT security and supply, install and support EDR for your IT infrastructure. We’ll install the software, configure it in accordance with your needs and monitor your system on an ongoing basis – reporting and acting on any events that may take place.
We can also offer a range of other services to enhance your cyber security. Did you know that the majority of successful cyberattacks involve human error? Our cyber security training enables you to empower your team with the knowledge they need to keep themselves and your IT safe.