Cyberattacks are becoming more frequent and more damaging, and businesses’ IT footprints are expanding. These factors have elevated cybersecurity to a top priority for virtually every business and organization. Antivirus (AV) solutions are key to keeping endpoints and, ultimately, IT environments safe.
Chris Crellin, Senior Director of Product Management, Barracuda MSP, provides answers that managed services providers (MSPs) need to use antivirus solutions to protect clients effectively.
Q: What impact did COVID-19 and the threats that emerged last year have on antivirus solutions?
Crellin: In some ways today, it’s much more difficult for MSPs to manage endpoint devices than it was prior to COVID-19. At the start of the pandemic, when employees and contractors were sent home to work on a full-time basis, many were unable to connect their devices to the network regularly, which meant that AV scans weren’t running, and systems weren’t being updated as often as they had been previously to protect against evolving threats.
Today, as workers begin to return to the office, they are benefiting from the AV scans when they are able to plug into the company network on-site. However, it is still not something they are doing every single day. It is also important to note that employees and contractors have also been connecting to company networks with personal devices either out of necessity (because hardware has been more difficult to procure during the pandemic) or simply because they can.
Finally, employees can sometimes do their job without even connecting to the network, which lessens an MSP’s visibility into those devices even further.
Q: How has remote work impacted how businesses use antivirus?
Crellin: The reality is that employees and contractors, many of whom are still working remotely on a full-time or part-time basis, are capable of connecting to resources on and off the network from a wide range of devices, thus making it hard to enforce good security hygiene. This is why it is important that businesses take a multi-layered approach to security that includes pairing AV with endpoint detection and response (EDR) packages and other security solutions.
Q: How has antivirus evolved with the changing threat landscape?
Crellin: Over the years, antivirus solutions have evolved from being a signature-based offering to leveraging artificial intelligence (AI) and machine learning (ML) technologies to detect and identify threats. Additionally, A/V has also expanded beyond simply blocking malware to hardening some endpoint hardware features such as memory, externally connected devices (i.e., USB drives), script control and auto-isolation from threats.
Q: Is there any scenario where an antivirus solution alone is enough to protect a business?
Crellin: In today’s remote and hybrid work environment, there is not one scenario where AV alone is enough to protect a business. As mentioned earlier, AV should always be paired with an advanced EDR solution on the device. Zero trust network access (ZTNA) is also becoming a must-have for businesses, in addition to traditional solutions like firewalls. Further, 24×7 monitoring is essential, as today attacks are proliferating around the clock.
Q: What do MSPs need to communicate to their customers to help them have maximum protection from cyberattacks?
Crellin: Multi-layered security is a must-have for businesses today. MSPs should be familiar with current threat vectors, be able to communicate with their customers about these threats and mitigate all of them. MSPs should also engage security professionals in this endeavor, either in-house or outsourced, because the threats will continue to evolve.
It’s a 24×7 job staying on top of what’s happening both in your business and out in the world.