Five Reasons Why ‘Anti-Virus’ Alone is No Longer Enough
Many organisations are still complacent about the Cybersecurity protection they employ, relying solely on their traditional antivirus (AV) software.
As a Trusted IT Partner, when talking to clients about cybersecurity, we often hear ‘I have Anti-Virus so I’m protected! …Right?’
The short answer is ‘No, not anymore’. Cybercriminals and the complexity of the lengths they will now go to has changed drastically in the past 10 years, to the point that the old precautions are just no longer enough.
Here are the top reasons for this:
1. Traditional AV response times to new threats are too slow. According to data compiled by Panda Research, traditional AV only stops 30-50 percent of new zero-hour attacks when it is first seen. A few take up to eight hours to reach even the 90 percent level, with the majority needing a full 24 hours. And it takes them a full seven days to get to the high 90’s. That is a whole lot of time to be missing protection! In recent studies by the Enterprise Strategy Group showed that almost half of the enterprises polled had suffered a successful malware attack even though they were running antivirus.
2. You do not have to just click on an attachment or visit an unsecure site to get hit. In the past, it was sufficient to avoid clicking on suspect links or visiting bad sites. This is no longer the case because of new ways an attack can happen. For instance, in a ‘malvertising’ attack, a legitimate site unknowingly pulls malicious content from a bad site, and the malicious content seeks ways (often exploits) to install itself on your computer. Just by visiting a good site on the wrong day, you get infected.
3. Exploits are everywhere. Many software products, notably including Java and Flash, were designed in an era when computer security was a much less serious concern. And the worst part of exploit-based attacks is that the time from the initial exploit to detection and remediation – is on average almost a year.
4. Supply chain attacks. Cybercriminals will always look for the easy way in, such as by attacking existing proprietary or open-source software on the victim’s machine. For example, in December 2017, a backdoored version of CCleaner infected over 2.27 million computers. More recently, in December 2020, 18,000 SolarWinds customers, including FTSE 100 companies and multiple government agencies, installed updates that left them vulnerable to hackers.
5. File-less malware. Malicious code that does not require downloading a file onto your computer. File-less Malware makes it far more difficult for traditional AV to detect or prevent because of the low footprint and the absence of files to scan.
At Holistic IT, we believe in what is called a layered approach to security.
With layered security, you do not put all your eggs in the AV basket – we use multiple types of defence, each of which has its own strengths and offers different levels of security.
Our Advanced Threat Protection and Email Security, is built to look after every aspect of your IT security, adding additional peace of mind to know you are fully covered.
The layers consist of the following services:
- Persistent threat monitoring & prevention – 24/7 monitoring enables you to focus on your business – while we proactively using our technology and expertise respond to cybersecurity attacks before, during, and after an event. You will gain peace of mind knowing you are tightly secured.
- Customisable profiles & risk scoring – Getting to grip on endpoint and user account security gaps we can more easily identify changes needed in your security posture. Establishing profiles and scoring risks will Holistic IT to set ideal alert thresholds to help stop threats before they occur.
- Security operations centre (SOC) – Morning, noon, or night, our fully staffed, Security Operations Centre is at your side. The Holistic IT Endpoint SecOps team is here 24/7 to detect, mitigate, and remediate any concerns or threats you are facing.
- Compliance support – Keeping our clients compliant with server and account configuration reporting, coupled with log monitoring and management, to provide the right security measures to meet regulatory requirements.
- Next Generation Network Security – Using our Next Gen network-level security, we offer Gateway antivirus, SSL inspection, Website blocking, DNS protection, Intrusion prevention detection and protection, VPN and more
- Email and Web Security – Adding our Email Security Platform with its advanced SPAM filtering and quarantine features means you are protected from any malicious email literally stopping it before it even hits your inbox. Our Email Security package also includes as standard these other security benefits to protect your business including:
- User Self Service Portal for quick and easy management
- Web Link Protection to check for threats from links sent via email
- Deep scanning of email file attachments
- Sandboxing to assess threats before they arrive
- Protection against spoofing, impersonation, and CEO Fraud
- DarkWeb Monitoring – We monitor your domain and are alerted if your company or individual credentials have been shared on the DarkWeb. Which means we can quickly act to protect your data!
- Multi Factor Authentication (MFA) – MFA and 2FA help protect against potential breaches, even if user login credentials are exposed by mistake, by requiring a 2nd (or multiple) code to be used at the time of login.
- Back-up and Disaster Recovery (BDR) – Our back-up and disaster recovery plans are built around your organisation’s needs and are a simply, quick and easy method of regaining access and functionality to your IT infrastructure after events like a cyber-attack, natural disaster, or even business disruptions related to the COVID-19 pandemic.
- Anti-Virus – Finally, our enterprise level antivirus platform, runs in conjunction with all the above, adding the final layer.
In Short giving you ‘Complete Cyber-Security Peace of Mind’ allowing you to focus on your business growth.
To find out more or book a FREE Cybersecurity review – Call 01302 235050 or email firstname.lastname@example.org