Best Endpoint Protection Tools of 2020

You already know that the traditional antivirus system is not enough to secure your network from cyber-attacks. Consider these endpoint protection tools for enterprise-level protection of your endpoints.

Through our MDR service, Cybriant offers endpoint protection to secure all the endpoints connected to your IT network from cyber threats. Endpoints are devices such as smartphones, tablets, desktops, laptops, servers, or any other I/O device connected to the network that act as its terminal points.

Remotely connected endpoints that have access to your network can create a loophole that lets hackers break in. Endpoint protection tools monitor and scan every device on the network. Endpoint protection makes sure that all your endpoints are secure and your network is free from malware threats by blocking suspicious and malicious endpoints from accessing your network.

Cybriant Managed Detection and Remediation (MDR) services allow you to monitor and install antivirus, add firewalls and enterprise IT perimeters to secure your endpoints, and protect your business network from the rising wave of cybersecurity threats.

MDR vs. Antivirus: What is the Difference?

Both Managed Detection and Remediation (MDR) and antivirus are used to secure your endpoints. Before choosing between them, you should know in detail what these programs are and what capabilities they provide to protect your endpoints. Which is best, and why should you use one?

What is Antivirus?

Antivirus software is a traditional program used to detect and remove malware like viruses, keyloggers, trojans, worms, ransomware, adware, and many more.

New and upcoming malware is becoming more and more advanced. Hackers are designing malware so that it avoids detection by traditional antivirus. Antivirus software is available as a standalone product or as one component of an endpoint protection platform.

Features of antivirus:

  • Web Protection
  • Alert notification
  • Real-time scanning option
  • Threat identification

Antivirus protects only individual devices and is suitable if you’re running a small start-up.

What is Managed Detection and Remediation (MDR)?

MDR is the most advanced and reliable system. It combines technology and innovation to provide growing companies and organizations with services that detect malicious activity on their networks. Cybriant offers a managed detection and response (MDR) service to counter cyber attacks by reducing the time to detect and suggesting useful remediation as soon as possible.

The cybersecurity research team of Cybriant monitors your network 24/7. To secure your business, we provide a timely response to malicious activity and great remediation strategies to protect your valuable computer network data, including servers, mobile devices, and desktops, from incursions and malware attacks. We assure you 100% security and defend your network against the most advanced threats.

Importance Of Endpoint Security

As remote working increases rapidly, hackers have numerous opportunities to attack their victims and steal essential data through loopholes that exist in the network. As the number of endpoints such as laptops, smartphones, tablets, and other mobile devices grows, the risk of losing data also increases day by day.

Hackers are always coming up with new ways to gain access to networks to steal priceless information or manipulate employees into giving out sensitive data. To address these problems and keep your organization’s sensitive data secure, it’s essential to protect any and all endpoints that are connected to your corporate networks.

Top Five (5) Enterprise Endpoint Protection Tools of 2020:

  • Bitdefender: If you want reliable security for your organization, then Bitdefender GravityZone Business Security must be on your shortlist. It offers extensive control and powerful detection capabilities.
  • SentinelOne: SentinelOne is an advanced, all-in-one endpoint security software and AI platform. It comes from the company of the same name and presents a combined antivirus and EDR solution. Cybriant also uses this endpoint protection tool, which offers real-time forensics to deliver investigative capabilities and multiple detection methods.
  • ESET Endpoint Security: ESET endpoint protection is a strong option for small to medium-sized businesses. It provides a remote management system so that a small business can keep running without interruptions related to endpoint security.
  • Symantec Endpoint Protection: Symantec offers a fully featured endpoint protection solution with ongoing threat prevention capabilities, including fileless attack protection, enhanced mobile application security, and protection for cloud-connected users. Symantec is recognized around the world as a strong competitor in anti-malware solutions.
  • CrowdStrike Falcon: The CrowdStrike Falcon endpoint solution covers Windows networks and servers as well as Mac computers, smartphones, and tablets, whether on or off the network, and combines EDR and anti-malware into a single agent. It also offers real-time visibility into malicious activity.

Why should you choose Cybriant for Endpoint protection?

As mentioned above, we use advanced SentinelOne technology to provide you with impeccable endpoint security with the help of AI-driven Managed Detection and Response (MDR), EDR, and next-generation antivirus solutions.

Cybriant’s cybersecurity analyst team monitors you 24/7 and sends a prompt notification when a threat or unknown activity attempts to breach security. In addition, our experienced team provides response and remediation to deal with unknown threats.

MDR services help meet the growing challenges of enterprise threats and protection. They allow you to secure your organization’s sensitive records and reduce the risk of unknown attacks.

How to Stop Hackers That Are Exploiting Coronavirus Panic

In a recent Hacker News story, it was revealed how hackers are exploiting the coronavirus panic. Here are some ways to help prevent those hacks from destroying your business.

 

Hacker News revealed 7 ways that hackers are exploiting our fears around the Coronavirus. Research is showing that attackers are using Coronavirus-specific lures to reach potential targets.

The attack surface is changing and expanding rapidly as many organizations and business tasks are going digital without much preparation, exposing themselves to more potential threats.

Most of the recent cyberattacks are primarily exploiting the fears around the COVID-19 outbreak, fueled by disinformation and fake news, to distribute malware via Google Play apps, malicious links and attachments, and execute ransomware attacks.

The World Health Organization has seen its share of cyber scammers. See their warning here. We’ve reviewed several ways to defend your enterprise while working from home as well as released a remote worker’s guide.

Here are the 7 ways that hackers are exploiting the Coronavirus panic.

  1. Mobile Malware
  2. Email Phishing
  3. Discounted Off-the-Shelf Malware
  4. SMS Phishing
  5. Face Mask and Hand Sanitizer Scams
  6. Malicious Software
  7. Ransomware Attacks

The United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) released a joint alert titled COVID-19 Exploited by Malicious Cyber Actors.

Advanced Persistent Threat (APT) groups are using the COVID-19 pandemic as part of their cyber operations. These cyber threat actors will often masquerade as trusted entities. Their activity includes using coronavirus-themed phishing messages or malicious applications, often masquerading as trusted entities that may have been previously compromised. Their goals and targets are consistent with long-standing priorities such as espionage and “hack-and-leak” operations.

Cybercriminals are using the pandemic for commercial gain, deploying a variety of ransomware and other malware.

Both APT groups and cybercriminals are likely to continue to exploit the COVID-19 pandemic over the coming weeks and months. Threats observed include:

  • Phishing, using the subject of coronavirus or COVID-19 as a lure,
  • Malware distribution, using coronavirus- or COVID-19- themed lures,
  • Registration of new domain names containing wording related to coronavirus or COVID-19, and
  • Attacks against newly (and often rapidly) deployed remote access and teleworking infrastructure.

How Can You Protect Your Organization?

 

In our recently released Remote Workers Guide, our CTO Andrew Hamilton describes all the ways Cybriant is protecting our organization while we are working from home because of the COVID-19 outbreak in the US.

In this guide, we discuss tips to secure personal devices and the exact steps to take if you think you have been compromised. Our team deals with highly sensitive data and our remote workers must be vigilant when working remotely. Download the guide and see what steps we’ve taken to prevent our team from cyber attacks.

You’ll also be interested to learn the types of cyber attacks you may see while working from home. Download the guide today and let Cybriant assist your organization during this unique time in our lives.

Recommendations from Cybriant

We typically recommend starting with an assessment so our team has a better grasp of where you are in your security strategy. We offer all assessments including:

  • Risk Assessment
  • Gap Analysis
  • Penetration Test
  • Mobile Security Risk Assessments

Find out more about our assessments here.

Mobile Security Risk Assessment

Our comprehensive mobile security risk assessment will allow you to evaluate the risk presented to the organization by mobile phones and tablets, evaluate potential omissions in policies, documentation, and implementation. This assessment will also help evaluate the impact of mobile device policy on diverse geographic and economic user groups. Plus, we’ll be able to recommend actions to better secure and align mobile devices to business practices.

Our comprehensive mobile security risk assessment will include the following:

  • Evaluate risk presented to the organization by mobile phones and tablets
  • Evaluate potential omissions in policies, documentation, and implementation
  • Evaluate the impact of mobile device policy on diverse geographic and economic user groups
  • Recommend actions to better secure and align mobile devices to business practices

This is an incredibly important step to take while your enterprise is working from home. Learn more about our Mobile Security Risk Assessment here.

Managed Detection and Remediation (MDR)

Antivirus isn’t enough to protect your endpoints.

The fact is that cyberattacks on endpoints are increasing rapidly in complexity and numbers. With digitization continuing to transform industries, devices in huge numbers are likely to be compromised.

To mitigate the risk of compromised systems, you need an immediate response, enhanced security tools, and a team of experts on your side that can guide you through the entire remediation process.

With MDR from Cybriant, our security analysts monitor your endpoints 24/7 and filter out false positives. You’ll receive the alerts when relevant threats are detected along with advice and insight from our cyber security team to help you mitigate and respond to the threat.

Learn more about MDR from Cybriant.

Mobile Threat Defense

Corporate infrastructures have been venturing into the BYOD (Bring Your Own Device) world for years often without knowing it. Conditional restrictions are often not in place to prevent access to corporate data reposited in email, SharePoint, calendaring, corporate contacts, and other applications. And even in cases where conditional restrictions may exist, the usage of mobile threat defense software may not be present or utilized on the device.

By contrast, companies will often stringently secure their corporate laptops and desktops with MDR solutions, SIEM agents, and vulnerability management solutions. The difference in approaches to BYOD devices versus corporate-managed devices is troubling because BYOD devices can often access the same confidential data but without similar safeguards. With the recent string of major vulnerabilities discovered in both the Android and Apple iOS ecosystems, it’s becoming more apparent that any device that can access corporate data is a potential avenue for attack.

With two levels of service, Cybriant’s Mobile Threat Defense (MTD) service is an affordable way to protect the majority of your workforce, contractors, and BYOD users. It provides a baseline of protection and assurance that your mobile devices will be secured against common threats and attack vectors.

Learn more about our Mobile Threat Defense offerings

Defending Your Enterprise While Working from Home

With the proper tools and techniques in place, it’s possible to continue to defend your enterprise while your staff is working from home. Here are some good points to remember and share about securing mobile devices.

Now More Than Ever: Hackers Want Endpoints

Hackers understand the global pandemic we are currently experiencing. They also know what you are NOT focused on defending, and they will flow like water to get to it.

Where are you not focused as a defender? That’s where the hacker will go.

Since working remotely has been mandated to slow the spread of COVID-19, focus on your users’ endpoints.

According to the 2019 Data Breach Investigations Report, 94% of all attacks start with email. Be aware that even more users will click on malicious links when they are using their mobile devices.

Mobile Device Users are More Vulnerable to Phishing Attacks

According to a recent mobile phishing report, the rate at which people are falling for phishing attacks on mobile is increasing by 85% annually.

Mobile devices are connected outside traditional firewalls, typically lack endpoint security solutions, and access a plethora of new messaging platforms not used on desktops. Additionally, the mobile user interface does not have the depth of detail needed to identify phishing attacks, such as hovering over hyperlinks to show the destination.

As a result, mobile users are three times more likely to fall for phishing scams, according to IBM.

Finally, the huge amount of personal and corporate data on mobile devices is making these devices the preferred target for phishing attacks.
In fact, in spite of being protected by traditional phishing protection and education, 56% of Lookout users received and tapped a phishing URL on their mobile device between 2011–2016. Fortunately, in these cases the attack was thwarted by Lookout.

Before enterprises can achieve comprehensive protection against phishing attacks across all vectors, including the mobile device, security and IT professionals need to understand how current phishing myths muddy the waters and get the facts that will help them make informed decisions on how to protect corporate data.

Source

Hackers’ Capabilities

It’s difficult for users to keep up with the hacker’s capabilities. As a corporation, you could potentially have a team of security experts on hand that are able to research those capabilities and be able to help you put a defense strategy in place. Attackers are using the following tools to breach your mobile devices:

Remote Access Trojans (RAT)

A remote access Trojan (RAT) is a malware program that includes a back door for administrative control over the target computer. RATs are usually downloaded invisibly with a user-requested program — such as a game — or sent as an email attachment. Once the host system is compromised, the intruder may use it to distribute RATs to other vulnerable computers and establish a botnet. Source

Web Shells

A web shell is a script that can be uploaded to a web server to enable remote administration of the machine. Infected web servers can be either Internet-facing or internal to the network, where the web shell is used to pivot further to internal hosts.

A web shell can be written in any language that the target web server supports. The most commonly observed web shells are written in languages that are widely supported, such as PHP and ASP. Perl, Ruby, Python, and Unix shell scripts are also used. Source

Mimikatz

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets. Other useful attacks it enables are pass-the-hash, pass-the-ticket or building Golden Kerberos tickets. This makes post-exploitation lateral movement within a network easy for attackers. Source

PowerShell Empire

PowerShell Empire is a unique attack framework in that its capabilities and behaviors closely resemble those used by current nation-state advanced persistent threat actors.

Nation-state hacking groups were using PowerShell to create fileless malware that runs in a computer’s memory, without leaving any traces on disk, and using PowerShell scripts as a post-exploitation vector for moving through networks and inside workstations without triggering any security alerts.

Because PowerShell is installed by default on Windows 7 and all later versions, the app was, at the time, trusted by all security products, many of which did not detect PowerShell-based attacks.

Empire’s use among cybercriminals has grown so much in the past few years that in late 2018, the UK’s National Cyber Security Centre included Empire on its shortlist of the five most dangerous publicly available hacking tools, together with JBiFrost, Mimikatz, China Chopper, and HTran. Source

C2 Obfuscation Tools

Attackers will often want to disguise their location when compromising a target. To do this, they may use generic privacy tools (e.g., Tor) or more specific tools to obfuscate their location.

HUC Packet Transmitter (HTran) is a proxy tool used to intercept and redirect Transmission Control Protocol (TCP) connections from the local host to a remote host. This makes it possible to obfuscate an attacker’s communications with victim networks. The tool has been freely available on the internet since at least 2009.

HTran facilitates TCP connections between the victim and a hop point controlled by a threat actor. Malicious threat actors can use this technique to redirect their packets through multiple compromised hosts running HTran to gain greater access to hosts in a network. Source

How to Protect Mobile Devices for Remote Workers

For a comprehensive mobile device protection strategy, you need a tool or service for endpoints that can offer a form of antivirus, an EDR-type tool that can record and log instances for future forensics, as well as vulnerability management for mobile.

Your mobile device security strategy should provide phishing protection for:
– Email
– SMS
– Social Media
– Messaging Apps

You should also consider Mobile Threat Defense that defends against:
– Application Threats
– Device Threats
– Network Threats

Managed Detection and Remediation (MDR) for Endpoint Security

Not only does MDR from Cybriant help reduce the time between breach and detection, we can also help stop the threat before it can fully execute.

Our experts utilize a static AI engine to provide pre-threat execution protection. The static AI engine replaces traditional signatures and obviates recurring scans that kill end-user productivity.

By tracking all processes, our team is able to detect malicious activities, and use behavioral AI technology to respond at top speed. We can detect and stop file-based malware, scripts, weaponized documents, lateral movement, file-less malware, and even zero-days.

With MDR from Cybriant, our security analysts monitor your endpoints 24/7 and filter out false positives. You’ll receive the alerts when relevant threats are detected along with advice and insight from our cyber security team to help you mitigate and respond to the threat.

As an extension of your team, our experts will investigate, triage, and remediate security events and provide executive-level reporting. Remediation may reveal dormant or trojan threat actors that evade network and endpoint detection solutions. Our MDR solution includes leveraging the talents of our experienced team as well as next-generation antivirus and EDR tools that utilize AI.

The MDR service from Cybriant will allow you to protect your organization’s data and reduce your threat landscape against the most advanced threats.

Security Fundamentals for Working Remotely

Consider sharing this information from Infragard to all your remote workers. Stay up-to-date on Coronavirus scams here.

Cyber Risks/Criminals: The FBI reports scammers are leveraging the COVID-19 pandemic to steal your money and your personal information, or both. Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information to receive money or other benefits.

The FBI advises you to be on the lookout for the following:

FAKE CDC EMAILS – Watch out for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other organizations claiming to offer information on the virus. Do not click links or open attachments you do not recognize. Fraudsters can use links in emails to deliver malware to your computer to steal personal information or to lock your computer and demand payment. Be wary of websites and apps claiming to track COVID-19 cases worldwide. Criminals are using malicious websites to infect and lock devices until payment is received.

PHISHING EMAILS – Look out for phishing emails asking you to verify your personal information to receive an economic stimulus check from the government. While talk of economic stimulus checks has been in the news cycle, government agencies are not sending unsolicited emails seeking your private information to send you money. Phishing emails may also claim to be related to charitable contributions, general financial relief, airline carrier refunds, fake cures and vaccines, and fake testing kits.

COUNTERFEIT TREATMENTS OR EQUIPMENT – Be cautious of anyone selling products that claim to prevent, treat, diagnose, or cure COVID-19. Be alert to counterfeit products such as sanitizing products and Personal Protective Equipment (PPE), including N95 respirator masks, goggles, full face shields, protective gowns, and gloves. More information on unapproved or counterfeit PPE can be found at www.cdc.gov/niosh. You can also find information on the U.S. Food and Drug Administration website, www.fda.gov and the Environmental Protection Agency website, www.epa.gov. Report counterfeit products at www.ic3.gov and to the National Intellectual Property Rights Coordination website at iprcenter.gov

Best Practices for Companies: Attached is a one-page document, developed by InfraGard National Board Director Rusty Sailors and his company, listing best cyber practices for companies to adopt, to ensure their information is kept safe and secure at all times.

In addition to those recommendations, the FBI is reminding people to always use good cyber hygiene and security measures. By remembering the following tips, you can protect yourself and help stop criminal activity:

  • Do not open attachments or click links within emails from senders you don’t recognize.
  • Do not provide your username, password, date of birth, social security number, financial data, or other personal information in response to an email or robocall.
  • Always verify the web address of legitimate websites and manually type them into your browser.
  • Check for misspellings or wrong domains within a link (for example, an address that should end in a “.gov” ends in “.com” instead).
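
A mail filter can apply the last two tips automatically by comparing each link's real destination with the domain it displays. This is an added example, not code from the FBI guidance or from Cybriant; the trusted-domain list, the finding labels, and the sample message are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains this mailbox expects; all three are named on this page.
TRUSTED = ("cdc.gov", "fda.gov", "ic3.gov")

# Finds a domain-looking token in visible link text, e.g. "www.cdc.gov/niosh".
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample message; .example and example.com are reserved names.
SAMPLE_EMAIL = """
<p>Your stimulus payment is ready.</p>
<a href="https://www.cdc.gov/niosh">www.cdc.gov/niosh</a>
<a href="http://cdc.gov.example.com/track">https://www.cdc.gov/covid-map</a>
<a href="https://fda-gov.example/kits">Order approved test kits</a>
<a href="https://www.ic3.gov@login.example/report">Report fraud</a>
<a href="https://ic3.example/report">ic3.gov</a>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a message body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def belongs_to(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def check_link(href, text, trusted=TRUSTED):
    """Return a list of findings for one link; an empty list means nothing flagged."""
    try:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
        has_userinfo = parts.username is not None
    except ValueError:
        return ["unparseable"]
    if not host:
        return []  # mailto: or relative link, no host to compare
    findings = []
    if has_userinfo:
        # "https://trusted.gov@other.host/": the real host is after the "@".
        findings.append("userinfo")
    shown = DOMAIN_IN_TEXT.search(text)
    if shown:
        shown_dom = shown.group(1).lower()
        if shown_dom.startswith("www."):
            shown_dom = shown_dom[4:]
        if not belongs_to(host, shown_dom):
            findings.append("text-mismatch")  # displays one domain, goes to another
    if not any(belongs_to(host, d) for d in trusted):
        labels = host.split(".")
        for d in trusted:
            name = d.split(".")[0]
            # Trusted name under the wrong parent domain, or hyphenated to imitate it.
            if name in labels or d.replace(".", "-") in host:
                findings.append("lookalike:" + d)
    return findings


def audit_email(html, trusted=TRUSTED):
    """Map each href in an HTML message body to its findings."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    return {href: check_link(href, text, trusted) for href, text in collector.links}


if __name__ == "__main__":
    for href, findings in audit_email(SAMPLE_EMAIL).items():
        print(("FLAG " if findings else "ok   ") + href, findings)
```
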

As the world responds to the global demand for remote work options, we’re here to provide guidance and stability during these trying times.

Whether provisioning corporate laptops or allowing employees to use personal devices, hastily extending a remote work option can leave your organization vulnerable in terms of security.

Here are a few items to consider:

Remote Basics
– A computer
– A secure internet connection
– Chat and conferencing applications
– A dedicated workspace
– A phone and a camera
– Self-motivation and discipline
– A strict routine

Require VPN access for internal networks
A VPN encrypts your corporate traffic to protect against man-in-the-middle attacks and eavesdroppers.

Update Password Policies
Make sure your employees understand and comply with your password policies. This might be the best time to start with new strong passwords across the company.

Separate User Account
If your group is using their own devices, require a new user account to be set up for work use only. This separation will help both privacy and security.

Invest in full-featured endpoint security for home workers
Home systems are varied and, more often than not, are not up to the job of protecting your company’s assets. The best option would still be business-class endpoint security that can be managed by your IT team and that provides a firewall and protection from malicious websites and malware.

Require multi-factor authentication
This is your best defense against cyber criminals who may use brute-force techniques or stolen credentials.

Require encryption
If employees are working on sensitive files or downloading files to their personal devices, provide an encryption solution while requiring separation of personal files.

Keep machines up to date
It is difficult to know how well employees keep their home machines up to date. Enable automated updates on all of their systems to be sure they are current with all security measures.

Employee Training
COVID-19 Scams are on the rise and are becoming more sophisticated. Remote workers’ habits and behaviors can become lax when it comes to clicking on links. Provide a refresher to help avoid the human element that cybercriminals attempt to exploit. Consider running a campaign and training course before employees begin working remotely or shortly thereafter.

Tips to Secure Corporate Data with Remote Workers

In an unprecedented time in our lives, more and more workers are being asked to work from home because of COVID-19 or the Coronavirus. 

It’s important for everyone to take an abundance of precautions during this time. However, if your corporate cybersecurity policy is not in place, this could cause security concerns that could be detrimental to your business. 

Take a look at the following suggestions to secure your corporate data with remote workers. 

Understand Remote Workers’ Needs

Remote workers will likely need to access your corporate network – do you have a process in place for them to do so? Do you require that your employees utilize a VPN to access your network, or are you focused on cloud technologies? What sort of internet capabilities do your employees have at home? Do you allow employees to use public WiFi?

You can improve your company’s work-from-home policy with the following:

  • Make it easy to safely access your company network. By keeping it simple, your IT support team will be able to focus on more pressing issues.
  • Make support easy – password recovery, VPN access, etc. – ensure that your employees have access to quick answers for their security issues. 
  • Backups are vital. This is a great time to review your business continuity plan. 

In general, the higher you can move up the stack in remote access, the more secure you are going to be. 

Enforce Corporate Security Policies on Company-Owned Devices

While you should have basic IT controls in place, there are a few extra items to consider. Whatever your organization decides to enforce, be sure that it is simple – or your employees will skip it. If your security requires employees to take 50 steps, be aware that 47 of those will be skipped. 

  • Multi-Factor Authentication is key – Consider adding 2FA or MFA and make it mandatory on company-owned devices. 
  • Use cloud technologies – Cloud technologies or SaaS products have evolved their security as more and more organizations have moved to the cloud. With a cloud data security policy in place, you can strengthen data protection even more.
  • Implement robust password policies – Whether you decide to require a password manager or make sure employees change their passwords often, be sure they understand the importance of using different passwords for corporate instances compared to their personal needs. 

Physical Security of Company-Owned Devices

While it is recommended that we stay in our homes during this time of social distancing, some employees may prefer a restaurant, coffee shop, or library to complete their work. Even if your employees are working from home, consider telling them to act as if they are still in their office environment.

  • Lock your devices when they are not in use – even at home
  • Don’t leave company property unattended – Take your laptop with you to pick up your order at Starbucks. 
  • Always be on the lookout – even a house guest could potentially make themselves at home on your company laptop. 
  • Use privacy screens – Don’t let your work pique the interest of your neighbor. 
  • Employees are responsible and accountable for company property – Treat it like it’s yours and protect your devices. Report any devices that are lost or stolen immediately. 
  • Don’t mix work and personal usage on company-owned devices. It’s tempting to let your kids use your company laptop or to send an email to your personal email from your work email. Your work machine should not be used as a family computer. While you may need to occasionally check personal email, this is an exception. If you forward a work email to your personal email, you are opening yourself up to litigation issues that could open all your emails up to investigation.
  • No USBs – USBs are a poor means of sharing data. CISOs should make sure you are able to share and collaborate on data without using USBs. Restrict and monitor USB usage – there really is no need to use them.

It will be easy for your employees to get lax on these policies, so be sure to find a way to remind them of the importance of safeguarding their corporate data. All it takes is one employee doing one wrong thing to expose an entire company’s data.

Beware of the Increase of Phishing Campaigns

The world is watching this unprecedented virus outbreak, and that means hackers are trying even harder to get your data. 

“There are nation-states that are actively taking advantage of the situation, particularly our Cold War adversaries, and we need to be keenly aware that they are aware of the lack of security that is presented by everyone telecommuting,” according to Tom Kellermann, who served on a presidential cybersecurity commission during the Obama administration.

Education should be a priority to ensure your employees are aware of the increase of potential phishing emails. Here are a few important items to consider: 

  • Be realistic – Your CEO probably isn’t going to email you from their Gmail account to request a large money transfer. 
  • Beware third-party supplier emails – Always verify that the requested information is from the actual source and isn’t a scam. Ensure that you have confirmed the requested information from other sources rather than clicking on the potential phishing email. 
  • Do not fall for a sense of urgency in potential phishing emails. 
  • Teach your employees how to inspect a link before clicking. 
  • Avoid opening email attachments that will open a macro – Consider the Ukraine Electric Grid attack. Like most targeted attacks, the Ukraine power grid attack began with a phishing email containing a malware-rigged attachment.
  • Don’t allow working remotely to reduce your communication – consider using Slack or Microsoft Teams to be able to chat with your coworkers quickly and easily. 

When you receive an email from an unusual source, always verify and then trust. Stop, think, don’t click that link. 
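Three of the checks in the list above (an executive's name on a free-mail address, a link whose visible text names a different host than its target, and a macro-enabled attachment) can also be automated at the mail gateway or in a triage script. The sketch below is an added example, not code from the original page; the executive name, the free-mail list, the `.test` domains, and the flag names are constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}   # assumption: short sample list
EXECUTIVES = {"dana reyes"}                            # hypothetical executive name
MACRO_EXT = (".docm", ".xlsm", ".pptm", ".dotm")       # macro-enabled Office formats
URLISH = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)

class Links(HTMLParser):
    """Collect [href, visible text] for every <a> element."""
    def __init__(self):
        super().__init__()
        self.found, self.open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self.open = True
    def handle_data(self, data):
        if self.open:
            self.found[-1][1] += data
    def handle_endtag(self, tag):
        self.open = self.open and tag != "a"

def host(url):
    # Lower-cased hostname of a URL; a bare "host/path" string is accepted too.
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def phishing_flags(raw):
    """Return the sorted warning signs found in one raw RFC 5322 message."""
    msg, flags = message_from_string(raw, policy=policy.default), set()
    name, addr = parseaddr(str(msg.get("From", "")))
    if name.lower() in EXECUTIVES and addr.rpartition("@")[2].lower() in FREEMAIL:
        flags.add("executive-name-from-freemail")
    for part in msg.walk():
        if (part.get_filename() or "").lower().endswith(MACRO_EXT):
            flags.add("macro-enabled-attachment")
        elif part.get_content_type() == "text/html":
            links = Links()
            links.feed(part.get_content())
            for href, shown in links.found:
                shown = shown.strip()  # only text that itself looks like a URL is compared
                if URLISH.fullmatch(shown) and host(href) and host(shown) != host(href):
                    flags.add("link-text-host-mismatch")
    return sorted(flags)

def sample_message():
    """Constructed test message, not taken from a real campaign."""
    m = EmailMessage()
    m["From"] = '"Dana Reyes" <dana.reyes.ceo@gmail.com>'
    m.set_content('<a href="http://login.pay.test/x">portal.supplier.test</a>', subtype="html")
    m.add_attachment(b"x", maintype="application", subtype="octet-stream", filename="inv.docm")
    return m.as_string()
```

A flagged message still needs a human to verify it with the sender through another channel; the flags only decide which messages get that attention first.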

Protect Endpoints from Malware

Our main recommendation is to make sure your users have endpoint protection on their company-owned devices. Don’t let your users have a false sense of security – not all computers have endpoint security installed. No matter which endpoint protection solution you have, make sure it’s up to date and monitored consistently. 

When your workforce is sent to work from home, they have to work with what they have. Imagine using artificial intelligence (AI) to detect potential cyber threats, with your team able to stop malware in its tracks before it can do any damage. 

Consider Managed Detection and Remediation

Our expert security analysts monitor and record all the events that occur on your endpoints. Our team focuses on relevant threats that attempt data exfiltration or modification.

When files attempt to execute these suspicious processes an alert is triggered and the attack is halted in real-time. When a credible threat is detected, our system will retrieve the process history and our team will analyze the chain of events in real-time and determine the validity of the threat.

You’ll receive the alerts when threats are detected along with advice and insight from our cyber security team to help you mitigate and respond to the threat. Once identified, the malicious activity is immediately stopped in its tracks and our team guides you through the remediation. This remediation process provides astonishing insight into the data of the threat.

You’ll be able to help your organization reduce its attack surface by learning how you’ve been compromised.

Conclusion

Review your policies and keep them simple – remember employees still need to be productive while working from home. Make sure your corporate systems are easy to use. When routines are upset, security is often an early casualty. 

A dose of prevention is always worth a pound of cure. Consider Managed Detection and Remediation and secure your remote workers today.

3 Exclusive Benefits of Managed Endpoint Security

Here are 3 benefits of Managed Endpoint Security, a service that combines prevention, detection, and remediation for all endpoints in a managed service. 

Through Cybriant’s MDR service, we provide prevention and detection of attacks across all major vectors, rapid elimination of threats with policy-driven response capabilities, and complete visibility into the endpoint environment.

What is Managed Endpoint Security?

Through a policy-based approach, Managed Endpoint Security requires endpoint devices to be compliant with specific criteria before those endpoints can access network resources.

Endpoints can include desktops, laptops, smartphones, tablets, and any other device that is connected to your organization’s network.

Through our managed detection and response (MDR) service, Cybriant takes endpoint security management to the next level with a lightweight agent that is deployed on each endpoint to deliver autonomous protection. Our team will utilize this technology to detect and respond to both internal and external threats before they infect your network.

Many organizations feel that antivirus is sufficient to protect their endpoints. But since many organizations have moved to a remote workforce in a completely digital environment, they are reconsidering the benefits of managed endpoint security. Here are cyber threats that will make it through your antivirus. 

Three Exclusive Benefits of Managed Endpoint Security

#1. Prevent Malware

Malware is any program that is detrimental to a computer user. Malware includes computer viruses, spyware, worms, and Trojan horses. These malicious programs can perform a range of functions, including stealing, encrypting, or deleting sensitive data, modifying or hijacking essential computing tasks, and monitoring users’ computer activity without their consent.

Read more, “Comprehensive List of All Types of Internet Threats”

If you are considering a SIEM compared to endpoint security, one of the benefits of managed endpoint security is prevention. When you work with a team of security analysts like Cybriant’s that watches your network 24/7, we use AI and machine learning to anticipate what your users are doing on their endpoints. When a potential threat is encountered, we can eliminate the threat before it can execute.

A quick note about SIEMs…

A SIEM that is running at peak performance should outperform EDR in detection. Detection is the key to SIEM. It’s important to have a team that can help respond to any problem that is detected. A SIEM can be deemed pointless if it is only noise and you aren’t able to respond to any potential threats.

Read more about MSSP vs. MDR. 

Managed Endpoint Security uses static-based machine learning to prevent malware attacks pre-execution and behavioral-based machine learning to prevent malware, exploit, and script-based attacks that can’t be detected pre-execution.

The technology behind Cybriant’s MDR solution replaces or enhances your current antivirus by using machine-learning technology that does not rely on signatures and does not require daily/weekly updates or recurring scans.

Cybriant’s MDR service is tested against all major categories including:

  • RTTL: Response to the most prevalent malicious samples according to the AMTSO Real-Time Threat List
  • AVC: Response to most recent and prevalent malicious samples in the AVC database
  • WPDT: Performance on the top malicious websites compared to traditional business AV technology running in tandem
  • FPs: Ability to parse through false positives

The results include incredible benefits of managed endpoint security. Our MDR service performed at the top of the class with:

  • 100 percent malware detection across all four categories
  • 0 false positives

#2. Prevent Breaches

Managed endpoint security provides vital protection against breaches because many times when a company gets hacked, it’s because there is a computer, device, or website they didn’t know they owned. Inventory every asset you own to determine what company resources are online and where you might be vulnerable. MDR or Managed EDR is now considered an essential requirement for all organizations to help increase the visibility of corporate assets.

An asset inventory is vital to the success of your MDR service. Once completed, you will have a greater understanding of any threats that are currently residing on your endpoints. Using AI, our analysts will stamp out a potential compromise before it has the chance to harm. Along with a curated set of forensically relevant data on your endpoints, you also get script control, memory protection, application control, and device usage management to block additional threat vectors.

Since many MDR solutions in the marketplace are complicated to manage, clients enjoy the ease of outsourcing their managed endpoint security to Cybriant. By utilizing a service like Cybriant’s MDR service, organizations have access to a solution that can be managed and automated into their existing security flow, which will help lower costs and improve efficiency.

If you have been involved in a cyber security breach, here are important next steps to take. 

#3. Prevent Incidents

Advanced persistent threats are the most difficult to detect.

An APT or Advanced Persistent Threat is a sophisticated and coordinated network attack that allows an invader to access a network and to remain there, undetected, for a significant amount of time. The typical attacker has a goal of stealing data; APT attackers often set their sights on businesses and organizations with valuable secure data. An APT attacker often targets government agencies, financial institutions, and other businesses dealing with high-value information. Is your Business at Risk from an Advanced Persistent Threat?

To prevent these types of threats you need the right technology as well as the right people watching the technology. The greater benefit of managed endpoint security is that you will maintain a constant watch to ensure the fastest detection and response with our seasoned security analysts as your extended security team.

Threats are taken through our multi-step process, conducting sample analysis as needed. Not only does MDR from Cybriant help reduce the time between breach and detection, but we can also help stop the threat before it can fully execute.

Our experts utilize a static AI engine to provide pre-threat execution protection. The static AI engine replaces traditional signatures and obviates recurring scans that kill end-user productivity. By tracking all processes, our team can detect malicious activities and use behavioral AI technology to respond at top speed. We can detect and stop file-based malware, scripts, weaponized documents, lateral movement, file-less malware, and even zero-days.

Managed Endpoint Security vs. Antivirus

The main difference between managed endpoint security and traditional anti-virus is that our MDR solution will discover the threat faster than the antivirus.

The advanced technology used in our MDR service protects at the agent level before the attack occurs, which can eliminate the need for antivirus.

As a managed service, our team is tracking all processes and their interactions at the agent level, utilizing the technology to detect malicious activity, which will trigger a lightning-fast response to protect your network. We can also help roll back endpoints to their pre-infected state if necessary.

With technology becoming an integral part of business, the digital perimeter of modern-day enterprises keeps on expanding rapidly. Traditional antiviruses are insufficient to protect such a large-scale and continuously expanding digital perimeter.

Antiviruses are more of a decentralized security system that falls short of providing adequate security to the ever-expanding digital networks. This is why so many organizations are comparing antivirus vs. EDR. The IT network and perimeter of enterprises have witnessed even faster growth due to the mobile revolution. While a growing digital network and perimeter can be beneficial to the business, it is also more vulnerable to cyber attacks as it can be breached from multiple endpoints.

This is where EDR security systems play a vital role in ensuring the safety and security of the digital perimeter. They provide centralized security and continuously monitor the security threats across all the endpoints of the network. They provide much better and more holistic protection for your digital network from hackers who are also growing smarter.

Read more about the differences between antivirus and endpoint security solutions. 

For more on the benefits of managed endpoint security and how it can benefit your organization, learn more at https://cybriant.com/mdr

MDR vs. EDR: What is the Difference?

MDR vs. EDR? Both MDR and EDR are focused on the protection of your endpoints, but what is the difference in the services, and which one is the best for you?

You may have noticed that we recently launched an MDR service: Managed Detection and Remediation – formerly known as Managed EDR. The reason for this change is that our services offer a much more in-depth remediation aspect than a traditional EDR or Endpoint Detection and Response service.

What is Managed EDR?

EDR is typically considered next-generation antivirus that is focused on endpoints or hosts. EDR depends on a software agent that is installed on the endpoint and sends information to a centralized database for analysis. As a Managed EDR, our team would analyze your data and potentially stop any malware threats.

EDR was an excellent progression from antivirus because you could record and store user behaviors and events on endpoints. Plus, with a managed service, if a user clicked on a phishing email, we stopped malware before it could execute.

While the service is still very similar, we consider EDR the “Lite” version of MDR. Take a look and consider why MDR might be right for you.

Read More: Traditional Antivirus vs. EDR

What is Managed Detection and Remediation?

We’ve taken EDR to the next level so we not only detect intrusions, malware, and malicious activity on your network, we will also help you eliminate and mitigate those threats. We must include a small piece of software on every device you would like to track, but the software we use is the lightest available. Your users won’t even know it’s there.

The software is important but the most vital part of our MDR service is the team of analysts that watch your network 24/7. We eliminate false positives and identify real security threats. Our team reduces the time to detection to hours if not minutes. Plus, we help you remediate and remove the threat.

Hackers are getting better and better at what they do, and new threats are discovered daily. With MDR, we can take security monitoring to the next level as this service is designed to address threats that bypass traditional controls. While many organizations focus on securing their perimeter, most do not know what happens to threats once they enter their system.

Our team utilizes AI, machine learning, and behavioral analysis as well as our internal expertise to find and eliminate those threats.

Remediation is Key

Alerting you that there is a problem on your network is no help unless you know how to fix it. With our MDR service, once a threat is identified, the malicious activity is immediately stopped in its tracks and our team guides you through the remediation. This remediation process provides astonishing insight into the data of the threat.

You’ll be able to help your organization reduce its attack surface by learning how you’ve been compromised.

Is MDR Right for You?

If you want to protect your organization, but don’t have the staff or abilities to watch your systems around the clock, then this service is right for you.

With MDR from Cybriant, our security analysts monitor your endpoints 24/7 and filter out false positives. You’ll receive alerts when relevant threats are detected along with advice and insight from our cybersecurity team to help you mitigate and respond to the threat.

As an extension of your team, our experts will investigate, triage, and remediate security events and provide executive-level reporting. Remediation may reveal dormant or trojan threat actors that evade network and endpoint detection solutions. Our MDR solution includes leveraging the talents of our experienced team as well as next-generation antivirus and EDR tools that utilize AI.

The MDR service from Cybriant will allow you to protect your organization’s data and reduce your threat landscape against the most advanced threats. Managed EDR Security is more important now than it ever has been. Here are our top guides and recommendations for managed endpoint detection and response. Read more about “What is Managed EDR Security?”

What is Managed EDR Security?

Stop Advanced Threats