The Email and Web Browser Protections You Need

A decade ago, the big problem with email was SPAM.  Unwanted messages pushing “healthy pills” and cell phone deals inundated our mailboxes and clogged our Internet connections.  At times, over 90% of all email traffic reaching our local servers was unwanted junk. We fought back and, for a long time, won the battle with updated email and web browser protections. With tools like Postini (purchased by Google and part of Gmail since 2008), we were able to block spam and email viruses “in the cloud” before they reached our email servers and services. And while spammers became more sophisticated, our data protection and security technologies were able to keep up.

Over the past years, however, we have clearly lost ground. It feels like we are back to square one.

Spam and malware attacks via email are on the rise. This time around, the consequences can be disastrous. Blocking unwanted emails about supplements is still needed, but cryptolocker, ransomware, and destructive malware can destroy your data and your business.

How did we get here, and what can you do to implement modern email and web browser protections?

5 things that happened to email and web browser protections

We see a convergence of several factors leading to the increase in successful malware attacks.

1. The IT Industry Became Complacent

Antivirus and email security vendors wrongly assumed that their existing models of protection were capable of keeping up with new types of threats.  For nearly a decade, this assumption held true. Cyber-criminals study and understand how to exploit weaknesses in our existing protections; they build malware that goes undetected by our traditional methods of discovery. Our industry was slow to recognize that systemic changes were needed to stay on top, and ahead, of the game.

2. We Face New Threats

To stay ahead of anti-virus protections, malware has grown up. A new class of malware, known as Advanced Persistent Threats, exists. On average, APTs sit on systems and networks for more than 4 months before activating. During this time, they periodically test the system security and protections. They learn how to act to avoid detection. While our legacy protections are watching the doors and windows, the threat is hiding under the bed.

3. Humans Deliver the Goods

Cyber-criminals have learned that human nature is easier to exploit than technology. They now send us messages and present web pages that look and feel valid. We are willing but unknowing accomplices when we click links and install malware on our systems from fake emails and web sites. The human instincts to help and trust readily betray us when we are not careful.

4. We Assume our Vendors do the Work

Both Microsoft and Google tell our customers that their email and other information in the cloud gets backed up. What they do say is that these backups are to maintain service reliability and not to protect us from damage or loss due to application or human error. We hear “data backup” and we assume our protection is greater than the reality. We make the same kind of assumption when we are told about built-in protections against cyber-threats.

5. We focus on Cost not Value

Cloud computing drives down cost perception faster than it drives down cost. Major cloud players wage periodic price wars. Cloud services like Microsoft Office 365 and G Suite continually add new capabilities without increasing prices. We do not expect, and do not want, to pay for extras. You are as likely to fall victim to ransomware from a corrupt or hacked web site as by clicking on an email attachment. While nearly all of our customers protect email, fewer than 5% protect web traffic. Web protection is an added cost that does not appear to have value until after the cyber attack.

Good News: We have new solutions for email and web browser protection

While we have created a bit of a mess, we do have options. Innovative vendors have built new solutions that affordably confront and address the new wave of threats. Using the power of cloud infrastructure, some vendors have radically improved their solutions while others have taken a step back and built new, strategic solutions. To protect your business, you need to protect your email service and your web browsing.

  • Web protection should scan and analyze all web traffic, intended (the page you click) and unintended (the auto-start video stream, cookie update, etc.), from any device you use.
  • Email protection should pre-screen (open and validate) links and attachments in a sandbox (safe environment) before allowing messages to reach your inbox.

The solutions are affordable, are easy to manage, and can be up and running in no time. A dollar of cost can protect against thousands of dollars of loss.


For more information, or a free assessment and set of recommendations for your business, contact us today.


 

How to Upgrade Your Endpoint Protection

Most malware and virus protection takes the form of an endpoint protection solution that resides on each PC or Mac. As the system accesses files, the content is compared against a database of malware profiles. These types of solutions are failing more frequently as the number of malware variants skyrockets and the threats get more sophisticated. Detecting malware depends more on analyzing file behavior patterns than it does on the file content. This creates the need for an endpoint protection upgrade to ensure proper protections are in place.

Symantec Endpoint Protection Upgrade

Upgrading Symantec Endpoint Protection is an important step to ensure that your endpoint security solution remains effective against evolving threats. It’s important to note that specific upgrade processes may vary depending on your environment and the version of Symantec Endpoint Protection you are currently using. Here are some steps you can consider when upgrading Symantec Endpoint Protection:

  1. Review the System Requirements: Before upgrading, ensure that your systems meet the minimum requirements for the new version of Symantec Endpoint Protection. Check the product documentation or contact Symantec support for the specific requirements.
  2. Backup Configuration and Data: Prior to upgrading, create a backup of your existing Symantec Endpoint Protection configuration settings, policies, and any important data. This will allow you to restore settings in case of any issues during or after the upgrade.
  3. Check for Compatibility: Verify the compatibility of any third-party software or integrations with the new version of Symantec Endpoint Protection. Ensure that they will continue to function properly after the upgrade.
  4. Plan the Upgrade Strategy: Develop an upgrade plan based on your organization’s requirements. Consider factors such as the number of endpoints, network bandwidth, maintenance windows, and any potential impact on users or critical systems.
  5. Test in a Lab Environment: If feasible, set up a test or lab environment to perform a trial upgrade. This allows you to identify and address any potential issues before rolling out the upgrade to your production environment.
  6. Communicate with Stakeholders: Notify relevant stakeholders, such as IT teams, end-users, and management, about the upcoming upgrade. Provide information about the benefits, timeline, and any potential impact on their workflows.
  7. Obtain the Latest Version: Obtain the latest version of Symantec Endpoint Protection from the official Symantec website or through your authorized Symantec partner. Ensure that you download the correct version for your operating system, and don’t let outdated technology slow your business down.
  8. Read the Upgrade Documentation: Carefully review the upgrade documentation provided by Symantec. Follow the step-by-step instructions and pay attention to any specific considerations or prerequisites mentioned.
  9. Perform the Upgrade: Execute the upgrade process on a test system or a small group of endpoints first, ensuring that everything functions as expected. If successful, proceed with upgrading the remaining endpoints according to your plan.
  10. Post-Upgrade Testing and Validation: After the upgrade, perform thorough testing to validate the functionality of Symantec Endpoint Protection. Test key features and policies, and ensure that endpoints are adequately protected.
  11. Monitor and Troubleshoot: Monitor the upgraded environment closely for any issues or unexpected behavior. Address any problems promptly and seek assistance from Symantec support if necessary.

Remember to consult the official Symantec documentation and support resources for detailed guidance tailored to your specific version and environment.

Cloud-based Alternatives offer Better Endpoint Protection Solutions

Traditional endpoint protection software is limited by the local device resources and the need to minimize performance degradation.  Instead of using a database with megabytes or gigabytes of information, cloud-based solutions compare file content and behaviors against terabytes of information, improving accuracy and dramatically reducing risks. The footprint on the endpoint can be significantly less, avoiding the performance impact of most endpoint protection software. Cloud-based endpoint protection solutions offer the ability to protect users across devices — PC, Mac, iOS, and Android — through a single system and management console.

Leveraging a cloud-based endpoint protection solution can improve your protection against current and evolving risks, at a more cost-effective price.

Our Recommendation

We recommend Webroot SecureAnywhere as our preferred solution for several reasons:

  • Webroot is better at catching behavioral malware, such as ransomware
  • Webroot can coexist with or replace your current endpoint protection solution
  • Webroot can protect individual devices, or users across multiple devices and device types
  • Webroot has a small, secure footprint that does not create performance issues

Other Best Practices for Endpoint Protection

Implementing best practices for endpoint protection is crucial to safeguarding your devices and data from security threats. Here are some key practices to consider:

  1. Use a Robust Endpoint Protection Solution: Deploy a comprehensive endpoint protection solution that includes antivirus/anti-malware, firewall, intrusion prevention, and other security features. Regularly update the solution with the latest security patches and definitions.
  2. Keep Operating Systems and Software Up to Date: Ensure that all endpoints have up-to-date operating systems and software applications. Enable automatic updates to receive the latest security patches and bug fixes, reducing the risk of vulnerabilities being exploited.
  3. Employ Multi-Factor Authentication (MFA): Implement MFA for accessing critical systems and sensitive data. MFA adds an extra layer of security by requiring users to provide additional verification factors, such as a password and a temporary code sent to their mobile device.
  4. Enforce Strong Password Policies: Enforce the use of strong, unique passwords across all endpoints. Encourage the use of password managers to facilitate the creation and management of complex passwords. Consider implementing password expiration and complexity requirements.
  5. Educate Users about Security Awareness: Conduct regular training sessions to educate users on common security threats, such as phishing, social engineering, and malicious attachments. Teach them to recognize and report suspicious activities to help prevent breaches.
  6. Implement Least Privilege Principle: Assign users the least privileges necessary to perform their tasks effectively. Limit administrative access to only those who require it. Regularly review and revoke unnecessary privileges to minimize the risk of unauthorized access.
  7. Enable Endpoint Encryption: Encrypt data on endpoints, especially laptops and mobile devices. Full disk encryption helps protect sensitive information in case of theft or loss. Additionally, consider encrypting data during transmission using secure protocols (e.g., HTTPS).
  8. Regularly Back Up Endpoint Data: Perform regular backups of critical data on endpoints. Use both local and off-site backups to ensure data availability and quick recovery in the event of data loss or ransomware attacks. You may also consider evaluating SaaS backup solutions.
  9. Implement Network Segmentation: Segment your network to limit the lateral movement of threats. Divide your network into logical zones with restricted access controls and monitor traffic between segments for potential threats.
  10. Monitor and Analyze Endpoint Activity: Implement endpoint detection and response (EDR) solutions to monitor and analyze endpoint activities in real-time. This helps identify and respond to suspicious behavior, malware, or breaches promptly.
  11. Regularly Conduct Vulnerability Assessments and Penetration Testing: Perform regular vulnerability assessments and penetration testing to identify and address potential weaknesses in your endpoint security infrastructure. This helps proactively identify and remediate vulnerabilities before they are exploited.
  12. Establish an Incident Response Plan: Develop and document an incident or breach response plan outlining the steps to be taken in case of a security incident. Regularly review and update the plan to ensure its effectiveness and alignment with emerging threats.

Upgrade Your Endpoint Protection Today

Try Webroot SecureAnywhere for free for 21 days and let’s see if your current solution is missing any risks. If you like what you see, we can save you money on licenses and support.  If not, we discontinue the service. Get in touch today to see how we can help with endpoint protection and other data protection and security needs.