Blog

Does your IT plan include EDR?

Today’s threats change too quickly for ant-virus products to keep up.  By the time a virus is added to the “bad” list on your computer it has changed to something else to avoid detection.  This game of cat and mouse is stacked heavily in favor of the cat!  All major anti-virus vendors are now shifting to an Endpoint Detection and Response (EDR) approach, and so should your business.

What is EDR?

EDR is the evolution of anti-virus and should be part of your security stack.  The major difference is EDR is actively looking at the BEHAVIOR of your computer and when something seems off it will Detect and then Respond to that behavior.  This may be blocking the action, reporting it, or actively rolling back changes made to your system.

Why is it better?

The “magic” in EDR is the AI-based component that can detect the patterns in real-time.  Gone are the days of looking for a single virus signature that was the same for all versions.  An EDR collects massive amounts of data and intelligently determines if an action is bad or not in real time.  This happens at the computer level which is were most viruses and ransomware originate.

How to deploy?

Anti-virus solutions are static and do not require expertise to deploy and manage at this point.  A poorly planned EDR rollout will kill productivity, generate thousands of useless alerts to sort through, and end up being LESS secure than your current anti-virus product.

An EDR product works best when it is managed and monitored by an IT partner.  The time and expertise required to tune the EDR to your individual environment is not efficient or cost-effect to handle in-house.  A partner is also looking at HUNDREDS of other Clients and will gain insights and knowledge that your organization will benefit from long term.  A partner can quickly deploy policies changes to all our Clients based on insights gained from a single Detection.

Categories