How Do You KNOW That You Have Not Been Hacked?

by | Dec 5, 2018 | Security, Strategy

We had a client recently ask a good security question. I am paraphrasing, but it went something like: How do I know that someone is not hacked in to my network right now and able to get to my data? Sadly the answer was: You do not know. The reality is that with all of the standard security tools  and best practices being used by nearly all companies today (complex passwords, MFA, firewall, anti-virus, anti-spyware, spam filtering, Windows updates, etc.) you just do not know since these tools are for preventative measures and none of them are effective 100% of the time. Unfortunately, this leaves a proactive gap for most companies. Leveraging  an EDR (Endpoint Detection and Response) platform can go a long way to letting you KNOW if someone has hacked in and is stealing your data and STOPPING it in real-time.

There have been so many news stories about major security breaches where millions of records were stolen. Nearly all of the breaches happened months or even years before they were found and stopped. Crazy. I think several things led to this lack of security, but mainly it was the fact that the traditional thinking and tools where to blame. Internal IT was doing what they had always done (complex passwords, MFA, firewall, anti-virus, anti-spyware, spam filtering, Windows updates, etc.) and not doing a very good job at that. There were no proactive tools in place so bad things happened.

So what is EDR?  EDR is a proactive approach to security that monitors endpoints in real time and hunts threats that have infiltrated a company’s defenses. An agent monitors computer activity and looks for correlations; when it sees abnormal activity, it sends out an alert  with details so it can be investigated. 

EDR protects against file-less malware, malicious scripts, or stolen user credentials. It is designed to track the techniques, tactics, and procedures that an attacker uses. But then it goes even deeper. Not only does it learn how attackers break into your network, but it also detects their path of activity – how they learn about your network, move to other machines, and attempt to accomplish their goals in the attack.

You will still need to have the usual tools like a firewall, anti-virus, and the rest of the list mentioned earlier, but maybe it is time to look into EDR. It is a cost effective solution that can finally help you to stop worrying if a hacker has gotten into your data. Have any questions or want to discuss your security situation? Send me an email or give me a call and we can discuss in greater detail.

 

John Ahlberg, CEO, Waident Technology Solutions

John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Subscribe

Related posts

9 Steps Manufacturers Can Take to Prevent a Ransomware Attack

9 Steps Manufacturers Can Take to Prevent a Ransomware Attack

Recent attacks on critical suppliers in the gas and food industries have illustrated how hackers attack easy targets, inflict serious pain, and extract easy money from pressured executives. Using what we've learned from recent attacks here are 10 steps manufacturers...

Choosing an MSP: No. 2. Strategic Alignment and POV on IT

Choosing an MSP: No. 2. Strategic Alignment and POV on IT

Does the MSP share our vision for IT and its purpose? Financial viability is critical for an MSP. Prudent financial management ensures that the proper investments are being made in the business and that the MSP can survive the booms and busts of technology trends....

Share This