Introducing Fast Assist cwatch Endpoint Detection & Response (EDR)
Beginning in June of this year, we will begin deploying an additional agent onto the endpoints of customers who subscribe to our monthly support plans called cwatch Endpoint Detection & Response or EDR for short. If your business is not already subscribed to one of our monthly support plans, you might want to consider it as we, as a society, go boldly even deeper into a world of inter-connectivity and automation than we have ever gone before. The next decade demands a deep level of monitoring and security unlike anything the average business network has ever experienced before and our IT Security Management system offers cutting edge tech to meet that demand.
Currently we offer two layers of security measures that thwart malware and malicious actors. First, there is the Fast Assist Security Client, which utilizes a whole plethora of sub-layers within itself. Everything from sand boxing/virtualization of unknown processes to advanced analysis by artificial intelligence and even human software engineers before being vetted and labeled as trusted, all within a 4-hour SLA response time with the premium version of our Client Security that is included in our monthly support plans. Fast Assist Client Security is an optional add on agent that is managed and deployed by our Fast Assist Endpoint Manager agent.
The second security layer that we offer for our business customer’s networks is our Watchguard Security Appliances/Firewalls. These devices monitor all network traffic coming and going and will automatically block anything that is known malicious and allows us to take a peak at live network traffic in real-time to quickly identify bandwidth usage as well as what connections are being made to where. Our Watchguard Security Appliances also have a plethora of options and continuous updates to contend with active threats happening on the internet at any given point in time. We strongly recommend a Watchguard Security Appliance over any other hardware based firewall solution. Watchguard Security Appliances essentially provide preliminary EDR monitoring at the OSI Layers 3 and 4 levels via network policies for TCP/UDP and various other data packet inspections of data flowing in and out of your network.
The cwatch EDR agent is an additional layer of security on top of both of those solutions. It provides Endpoint Detection & Response at the OS/Application layer on the individual Endpoints. It runs silently in the background on your endpoint and securely provides us with all kinds of telemetry data in our cloud dashboard where we can monitor a multitude of indicators that will let us know if your endpoint is deviating in anyway from standard security policies with regards to its settings. We can also see and trace all activity for processes whether trusted or not that allows us to do a deep level of digital forensics on your device before, during and after a potential cyber breach.
We are currently testing this new layer of security with our own endpoints and will deploy it onto our monthly support customers endpoints next month. We will be reaching out to each of them individually to notify them of the implementation and provide more details about how cwatch EDR works.
Naturally, we do not ever guarantee a 100% secure, unbreakable level of security, but implementing the above layers of security protection together will make it extremely difficult for the bad guys and will make your IT infrastructure more secure than it has ever been before. Of course, absolutely none of this works if your end users are not savvy when it comes to cyber security best practices such as enabling mutli-factor authentication on all accounts that do not impose a lock threshold policy for invalid login attempts. Multi-factor authentication is something we have made pretty much mandatory for clients that have their Office 365 for Business tenant managed by us.
Contact us today and ask us how we can help make your IT infrastructure more hardened for security and more efficient for productivity. Don’t forget, Windows 7 and Windows Server 2008 support will end at the end of this year. If you are running either of these platforms on any of your endpoints, you need to upgrade soon to stay compliant with any applicable Federal regulations specific to your industry with regards to cyber security and privacy.