There’s nothing scarier for a business owner this time of year than a breach of their computer network. While properly training employees is still the best defense, a new breed of protection has gradually become economical enough for the average small business environment. With most cyber liability insurance providers requiring this new level of protection, EDR (Endpoint Detection & Response) products are becoming mainstream.

For many years, antivirus products have been the gold standard for protecting computers from malicious software. They have always come with caveats that keep them from doing as good a job as they should. Scanning every file on access slows down the computer. Flagging every event that “looks” nefarious interrupts end users constantly and reduces productivity. Searching based on a “signature” of known threats ignores all new threats. When a threat is found, it’s usually looked at by someone with a generalist IT background instead of a security professional.

EDR solutions work a bit differently. By leveraging AI, they look for anything out of the ordinary. They can catch a threat that has never been seen before, but they also catch a lot of legitimate things like software updates and remote access software. Instead of interrupting the end user or the IT support provider with every event that looks out of the ordinary, the EDR product sends the report to a SOC (Security Operations Center). There, a team of trained security professionals reviews the incident, decides if it should be allowed, and, if it is found to be nefarious, takes steps to halt and remove the threat. Most threats found by EDR are resolved behind the scenes by the SOC. In the rare instance where the SOC needs more interaction to remove a threat, they contact our team to work with them and the end user to fully contain and resolve the threat.

