In our last article, we discussed why traditional antivirus often fails and what your business can do about that.
In this article, we’ll talk about your second line of defense – the one that kicks in when something manages to slip through your antivirus. It’s called Endpoint Detection and Response.
In general, Endpoint Detection and Response (EDR) refers to the process of tracking all activities on an endpoint, so you can determine if a criminal is trying to hack your systems. An endpoint, by the way, can be a computer, a laptop, a phone, a tablet… you get the idea.
That’s the official Endpoint Detection and Response definition, but it takes a little bit more explaining to fully understand.
Years ago, before we were all using the cloud, cybercriminals were forced to manually infect your office networks to hack you. They had a bunch of tricky ways to get around your defenses (hint: don’t plug in unknown thumb drives!) – but, in general, they had to figure out a specific point of attack in order to get in. This is because your networks were pretty well locked down before the cloud.
Think of hacking back in the day like trying to blow up the Death Star. Boy, was that complicated!
Nowadays, most small to mid-size businesses are using the cloud in one form or another – email, labor tracking, invoicing, CRM – and WFH or on-the-go employees log in to your company’s cloud services to do their jobs. No problem there; the cloud is pretty darn secure (except for some cloud security pitfalls).
Here’s the problem with cloud business software: your employees are logging into it using their own devices in most cases.
Those devices (along with their routers and IoT devices) could be riddled with malware, spyware, or other cyberthreats – or they may simply be vulnerable to all of those threats because their cybersecurity is out of date. Unsecured devices (AKA endpoints) make hacking super easy because literally everything that’s unsecured and connected to the internet is vulnerable to attack.
Think of hacking today like trying to blow up a firecracker. It’s not that hard; it just takes easy-to-buy tools (like matches or ransomware subscriptions).
Cybercriminals are sophisticated professionals these days (sophisticated professional scumbags). Their only job is to hack you.
They don’t have to invoice clients or attend sales conferences or weigh benefits packages or dig into community outreach. All they have to do is hack you. Imagine what you could do with that level of focus! Now imagine what they can do.
Considering it that way, it’s not hard at all to imagine that at least one attack will slip past your traditional or next-generation antivirus solution over the course of the next few years. In fact, it gets a bit hard to imagine that at least one attack hasn’t yet slipped through your defenses.
Endpoint Threat Detection and Response tools kick in when criminals break in.
Endpoint Detection and Response tools use advanced technology to track, 24/7, every endpoint that accesses your sensitive business data, so they can identify and shut down anomalous behavior. This helps keep your company safe in the event of an attack.
When hacking your system took the level of skill that it took to blow up the Death Star, there weren’t so many hackers out there. These days, with hacking being so easy, there are a lot more cybercriminals and a lot more viruses and malware. You need more defenses against them.
It’s important to remember that a cybercriminal only has to succeed with one hacking attempt. One single success means they can steal your data, compromise your systems, and harm your company’s reputation. (Ouch.)
To prevent even that one time, many modern business leaders have set up layered cybersecurity to keep their networks and data safe.
Need some help with your own layered security setup? Interplay is happy to lend a hand.
For nearly 20 years, our IT experts at Interplay have been Seattle’s friendliest, most fun team of computer geniuses around – and we’re committed to keeping our city’s businesses safe from cybercrime.
Not quite sure how secure your business systems are? We’re offering two complimentary options to help you figure out your current level of cybersecurity. You can either: