Today's trends for tomorrow's business
Layers are for More Than Just Cake
January 18, 2019
Sweeten up your antivirus software
One of the most basic steps every small business owner takes to protect their networks against cyberattack is to install an antivirus (AV) solution. It’s been the go-to method for decades now. And for the most part, it’s served as an affordable and mostly effective way of keeping hackers at bay.
But small business owners might be surprised to learn that no matter how often you scan your system or update your AV software, many hackers can easily bypass or disable it. In fact, cybercriminals have developed a range of techniques to combat AV software, according to Kaspersky.
You simply cannot put all your stock into AV systems and expect to stay safe.
One reason for this is that, even when AV accomplishes its mission of finding, blocking and removing malware from your computers, that’s only addressing one aspect of cybersecurity.
Antivirus does nothing to sniff out and prevent potential intercepts of digital communications between computing or mobile devices. It doesn’t secure network endpoints, like printers and laptops, that are becoming more frequent targets for cyberattack. And it does little to oversee identity and access management.
Then there is the fact that AV systems, as designed, don’t even catch all the malware we think they do. In fact, as long ago as 2014, an executive from Symantec, which owns the Norton brand of antivirus software, told the Wall Street Journal antivirus only detects 45 percent of cyberattacks.
Given it’s been five years since that statement, and researchers encounter and catalog more than 350,000 new instances of malware every day, it’s not inconceivable that percentage could be even lower now.
So, does that mean you shouldn’t invest in antivirus software? Absolutely not.
While traditional signature-based antivirus software struggles to stop newer threats, such as zero-day exploits and ransomware, it does serve a purpose. But know that it’s just one of the things you should be doing. Think about it this way: to protect your home, you probably wouldn’t just put deadbolts on your doors. Right? If you care about physical security, you’d also put locks on your windows. Install an alarm system with cameras and video recording. Maybe even hire an armed guard (if you see a need).
In cybersecurity terms, this is called a “layered security approach,” where you deploy multiple types of safeguards, each protecting against a different potential vector of attack. This would extend from the very core of your computers, the BIOS, out to the network edge.
From a BIOS standpoint (this is what boots up your computer before the operating system kicks in), HP Sure Start can automatically detect, stop and recover from a BIOS attack or corruption without IT intervention and with little or no interruption to user productivity.
Every time the PC powers on, HP Sure Start automatically validates the integrity of the BIOS code to help ensure that the PC is safeguarded from malicious attacks. Once the PC is operational, run-time intrusion detection constantly monitors its memory. If attacked, the PC quickly “self-heals” using an isolated golden copy of the BIOS.
During operation, if attacks against AV software are a concern (obviously, they should be), then HP Sure Run can help. It can detect when critical applications like AV might be compromised, alerting operators to processes being paused or terminated, key operating files being deleted and critical registry settings changing. Any of these events might suggest AV has been compromised and an attack is under way.
In the event a cyberattack does defeat security measures, you also want to get back up-and-running as soon as possible. This is where HP Sure Recover comes into play. It lets you quickly and easily reimage your device using only a network connection - and can also enable your IT staff (even if that’s just you) to schedule a reimaging for your entire computer fleet.
Supplement your tools with strong policies.
Of course, you also need to supplement these technology tools with strong security policies and procedures - for both you and your employees. It’s critical to head off, for example, hacker efforts at social engineering. This is where they masquerade as someone - maybe your CEO, a key investor, a partner or even a customer - to manipulate you into divulging information that could let them into your network.
Many of the most famous and damaging cyberattacks started this way, and every organization should ensure employees understand the threat and what to watch for.
Antivirus software is what it is: a useful tool for finding and eliminating a portion of potential threats against your systems, software and data.
Just as you’d never start a construction project with just a hammer in hand, you also need to use multiple tools and techniques in cybersecurity. Today, you absolutely need a layered security approach. Nothing less will suffice.