You won’t believe this. I tell a lot of business owners and IT Managers that they need to ensure they have a robust, well architected and industry leading anti-virus and anti-ransomware product at the core of any cyber security programme. I am shocked by how many businesses rebuff with “we have never had a virus, so why do we need these products”. Unfortunately this level of naivety is exactly what threat actors are betting on. They are leveraging your lack of belief or understanding in the value of protection to slip onto your system undetected and carry out whatever heinous activity they wish.
“We don’t need protection!”
First of all I must address the elephant in the room; “We have never had a virus“.
The simple question would be, how do you know? Gone is the age of pop-ups and loud annoying virus sent more to disrupt. Modern attacks focus to data extractions, data corruption/encryption or device harnessing. For all of these, bar corruption/encryption, the aim is to remain undetected. For the most part if you are trying to pull data from a device or harness the computer as a salve for your attack network then you don’t want the device owner knowing you are there. Therefore, the argument that you have never had a virus falls over. You should be saying “We have no idea if we have had or have a virus or suffered a cyber-attack as we don’t have the tools to detect such attacks” .
“I barely use that laptop”
Secondly, I need to address the obvious. Any device is at risk regardless of how little you use it, how infrequently it is turned on and how expensive it was when you bought it. This principal also applies to servers, virtual, physical and on cloud platforms. If it is running an operating system based on Windows, Linux, Unix or MacOS there will be an attack out there that is designed for that system. This even applies to appliances provided for dedicated applications like, phone voicemail systems, door access control and system controllers. Because of this, you need to ensure that your servers also have the protection in place and if they cannot have the protection directly installed that you have a product that can protect at network and hypervisor level against incoming attacks.
Therefore it is critical that your business protects itself with the minimum protection being put in place in the form of endpoint security. This said, while you can pick up these products for a few pounds from certain vendors, we would always recommend looking at a industry leading vendor. Choose one who specifically work within your business space and have the full suite of tools that can be used. This will help ensure that you reduce the risk your business faces from cyber threats.
If you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect your business, should that be with new technology, strategies or even better backups you can reach us using the contact details below;
Photo by Clint Patterson on Unsplash