3 Reasons You May Need to Rethink Your Virus Protection Strategy
These days, encountering malware like viruses, ransomware, trojans, or worms has become all too common—it’s almost an inevitability. In fact, according to the 2020 Malware Report by Cybersecurity Insiders, 88% see malware as an extreme or moderate threat, and 75% believe malware and ransomware will increase in the next year.
As this threat continues to loom, almost all organizations have antivirus as the foundation of their cybersecurity strategy. However, most antivirus solutions are intended for use on individual workstations, not on the enterprise servers that many business operations rely on. Is this still sufficient for your entire environment? Consider these three reasons why you may need additional endpoint protection.
1. You Need to Adhere to Security Regulations.
Most industries now must adhere to some sort of regulation—PCI DSS, HIPAA, GDPR, SOX, etc. Many of these laws contain specific wording about taking measures that reduce risk and maintain data integrity. These regulations all highlight the need to safeguard sensitive data—customer or employee information, intellectual property, operation information, or other industry-specific material.
Sensitive data may be saved on individual workstations, but the bulk of it is usually on organizational servers. This is reflected in the wording of most of these regulations. For example, PCI DSS Requirement 5 requires all servers that store sensitive payment card information to have virus protection. In order to secure your most critical data, you need an antivirus solution specifically intended to be used for server-level protection.
Additionally, to prove compliance, you’ll need a solution that has the ability to generate audit reports based on the results of scan activity. These reports need to cover any infections detected and what was removed or quarantined.
2. Your Organization Has Gone Partially or Fully Remote.
2020 saw a massive influx of remote work, and unfortunately, the convenience of working safely from home increased the risk of a breach as countless new attack vectors opened up, both from the way employees connect to the network and from the devices they connect.
Organizations that have employees that need to connect to the network offsite use a VPN to ensure security. Unfortunately, with the increase of remote work, vulnerabilities in VPNs are increasingly being exploited by threat actors as a way to gain access and launch a malware attack. The NSA even put out a warning earlier in the year urging security teams to verify configuration and strong encryption. Additionally, home routers may be misconfigured or unpatched, providing an ideal target for hackers to exploit, as they can’t be regulated by security teams.
Personal devices that would not be connected when in the office are also now part of the organizational network. It may even be as simple as employees connecting personal laptops that haven’t been approved. Unintentional connections are also being made, since any Wi-Fi-enabled device in an employee’s home is now also linked to the network – gaming systems, printers, tablets, and smart TVs, to name a few.
Threat actors aren’t often interested in the data on someone’s PlayStation; they are simply using it as a stepping stone to get to what they really want—sensitive data stored on organizational servers. With more ways to launch an attack, making sure those servers are secure is a high priority.
3. Your Critical Data is Stored on Non-Windows Machines.
Many organizations have a mix of operating systems within their environment. Most commonly, organizations may have Windows workstations, but their servers use something like Linux, AIX, or IBM i. However, businesses frequently rely on their workstation antivirus to provide coverage for the entire environment, including their enterprise servers.
Unfortunately, scanning your server with a Windows solution can be unreliable, since there are parts of a non-Windows server that can’t be scanned with a Windows-based antivirus solution due to incompatibility. In fact, using a non-native solution can also introduce additional security concerns. Scans begin to lag and become unstable, and there are vulnerabilities associated with mapping a drive to the PC, since non-native antivirus has to be run through the workstation.
Using a native, server-side antivirus prevents scan failure and security issues, ensuring these alternate platforms are uniquely protected in a complex threat environment. Native solutions avoid the sluggishness and instability of workstation-based scanning, since they don’t require a mapped drive or increase your network’s load.
Incorporate Server Level Protection Into Your Security Strategy
Effective malware defense requires multiple layers of defense. Layering workstation antivirus with native antivirus for your critical servers properly insulates organizations from attacks that could cripple business operations and take months to recover from.
Powertech Antivirus is the only commercially available server-level antivirus solution providing native scanning for IBM Systems, including IBM i, AIX, Linux on Power, Linux on Z and LinuxONE. With it, you get the power and protection of enterprise-strength scan engines while supporting the specific features of your operating system.
Want to learn more about what endpoint protection can do?
Find out more about the importance of native, server-level protection in our webinar, Meeting Compliance Goals and Beyond: Virus Protection on IBM Systems.