Antivirus & EDR

Antivirus software is one of the building blocks of protecting your IT infrastructure. Most computers come pre-installed with some form of antivirus software, a program designed to detect, prevent, and remove malicious software from your computer, commonly known as malware. Antivirus programs regularly scan your files and directories for malware, and once detected the antivirus software will attempt to remove it or quarantine the affected files to prevent further damage. But are all your workstations and servers protected?

Antivirus, like all software, requires regular patches and updates. Antivirus software companies regularly update their virus definitions and detection methods to protect against the latest threats. These updates are crucial as new malware is constantly being created. Beyond scanning your files and folders for malware, antivirus that automatically alerts your IT provider to malware present on workstations and servers is necessary to proactively address other endpoints on your network that might be affected.

Beyond the antivirus on your computers and servers, it’s also critical to watch for suspicious network behavior with an Endpoint Detection and Response (EDR) solution. EDR continuously monitors endpoint activities in real-time such as network connections, file changes, and other behaviors that might indicate malicious activity that traditional antivirus might miss. When a threat is detected, EDR tools can automatically respond by isolating the affected endpoint, terminating malicious processes, removing harmful files, and reporting the activity to your IT resource. Layering the protections offered by managed antivirus and EDR is key to quickly addressing threats before they snowball.