Cyberattacks are becoming more frequent and damaging, and businesses’ IT footprints are expanding. These factors have made cybersecurity a top priority for virtually every business and organization. Antivirus (AV) solutions are vital in keeping endpoints and IT environments safe.
Chris Crellin, Senior Director of Product Management, Barracuda MSP, answers timely antivirus questions about protecting clients in the work-from-anywhere era.
Q: How did the shift to remote work impact antivirus solutions?
Crellin: In some ways, today, it’s much more difficult for MSPs to manage endpoint devices than before COVID-19. At the start of the pandemic, when employees and contractors were sent home to work full-time, many could not connect their devices to the network regularly, which meant that AV scans weren’t running. In addition, systems weren’t being updated as often as previously to protect against evolving threats.
Workers that have returned to the office benefit from the AV scans when they can plug into the company network on-site. However, it is still not something they are doing every single day. It is also important to note that employees and contractors have connected to company networks with personal devices.
Finally, employees can sometimes do their job without connecting to the network, which lessens an MSP’s visibility into those devices.
Q: How has remote work impacted how businesses use antivirus?
Crellin: The reality is that employees and contractors, many of whom are working remotely on a full-time or part-time basis, are capable of connecting to resources on and off the network from a wide range of devices, thus making it hard to enforce good security hygiene. This is why businesses must take a multi-layered approach to security, including pairing AV with endpoint detection and response (EDR) packages and other security solutions.
Q: How has antivirus evolved with the changing threat landscape?
Crellin: Over the years, antivirus solutions have evolved from signature-based offerings to leveraging artificial intelligence (AI) and machine learning (ML) technologies to detect and identify threats. Additionally, AV has expanded beyond simply blocking malware to hardening endpoint hardware features such as memory, externally connected devices (e.g., USB drives), script control and auto-isolation from threats.
Q: Is there any scenario where an antivirus solution alone is enough to protect a business?
Crellin: In today’s remote and hybrid work environment, there is not one scenario where AV alone is enough to protect a business. As mentioned earlier, AV should always be paired with an advanced EDR solution on the device. In addition, zero-trust network access (ZTNA) is also becoming a must-have for businesses, in addition to traditional solutions like firewalls. Further, 24×7 monitoring is essential, as attacks are increasing around the clock today.
Q: What do MSPs need to communicate to their customers to help them have maximum protection from cyberattacks?
Crellin: Multi-layered security is a must-have for businesses today. MSPs should be familiar with current threat vectors, be able to communicate with their customers about these threats and mitigate all of them. MSPs should also engage security professionals in this endeavor, either in-house or outsourced because the threats will continue to evolve.
It’s a 24×7 job staying on top of what’s happening in your business and the world.