Posts

How to Upgrade Your Endpoint Protection

Most malware and virus protection takes the form of an endpoint protection solution that resides on each PC or Mac. As the system accesses files, the content is compared against a database of malware profiles. These types of solutions are failing more frequently as the number of malware variants skyrockets and the threats get more sophisticated. Detecting malware depends more on analyzing file behavior patterns than on inspecting file content. This creates the need for an endpoint protection upgrade to ensure proper protections are in place.
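To make the difference concrete, here is an added example (not part of the original post and not any vendor's code) that compares an exact-hash content check with a simple behavioral rule. The sample bytes, event format, PIDs, paths, and thresholds are all constructed assumptions for illustration.

```python
import hashlib
import math
from collections import Counter

# Constructed sample bytes standing in for a known file and a repacked variant.
KNOWN_SAMPLE = b"constructed-sample-payload-v1"
VARIANT = KNOWN_SAMPLE + b"\x00"            # one appended byte
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

def signature_match(content: bytes) -> bool:
    """Content check: exact hash lookup in the profile database."""
    return hashlib.sha256(content).hexdigest() in SIGNATURES

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def behavior_alert(events, window=10.0, min_files=5, min_entropy=7.0):
    """Return PIDs that wrote high-entropy data to at least min_files
    distinct paths within window seconds (bulk-encryption pattern)."""
    recent, alerts = {}, set()
    for ts, pid, path, written in sorted(events):
        if entropy(written) < min_entropy:
            continue                         # ordinary text or document writes
        kept = [(t, p) for t, p in recent.get(pid, []) if ts - t <= window]
        kept.append((ts, path))
        recent[pid] = kept
        if len({p for _, p in kept}) >= min_files:
            alerts.add(pid)
    return alerts

# Constructed write events: (timestamp, pid, path, bytes written).
RANDOM_LIKE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))
TEXT = b"quarterly report draft\n" * 100
EVENTS = (
    [(i * 0.5, 200, f"/home/u/doc{i}.docx", RANDOM_LIKE) for i in range(6)]  # variant
    + [(i * 0.5, 100, f"/home/u/note{i}.txt", TEXT) for i in range(6)]       # editor
    + [(1.0, 300, "/home/u/a.zip", RANDOM_LIKE), (2.0, 300, "/home/u/b.zip", RANDOM_LIKE)]
)

if __name__ == "__main__":
    print("signature hit on known sample:", signature_match(KNOWN_SAMPLE))
    print("signature hit on variant:", signature_match(VARIANT))
    print("behavior alerts for PIDs:", behavior_alert(EVENTS))
```

The one-byte variant slips past the hash lookup, while the behavioral rule flags only the process that rewrites many files with random-looking data; the process writing two archives stays below the file-count threshold.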

Symantec Endpoint Protection Upgrade

Upgrading Symantec Endpoint Protection is an important step to ensure that your endpoint security solution remains effective against evolving threats. It’s important to note that specific upgrade processes may vary depending on your environment and the version of Symantec Endpoint Protection you are currently using. Here are some steps you can consider when upgrading Symantec Endpoint Protection:

  1. Review the System Requirements: Before upgrading, ensure that your systems meet the minimum requirements for the new version of Symantec Endpoint Protection. Check the product documentation or contact Symantec support for the specific requirements.
  2. Backup Configuration and Data: Prior to upgrading, create a backup of your existing Symantec Endpoint Protection configuration settings, policies, and any important data. This will allow you to restore settings in case of any issues during or after the upgrade.
  3. Check for Compatibility: Verify the compatibility of any third-party software or integrations with the new version of Symantec Endpoint Protection. Ensure that they will continue to function properly after the upgrade.
  4. Plan the Upgrade Strategy: Develop an upgrade plan based on your organization’s requirements. Consider factors such as the number of endpoints, network bandwidth, maintenance windows, and any potential impact on users or critical systems.
  5. Test in a Lab Environment: If feasible, set up a test or lab environment to perform a trial upgrade. This allows you to identify and address any potential issues before rolling out the upgrade to your production environment.
  6. Communicate with Stakeholders: Notify relevant stakeholders, such as IT teams, end-users, and management, about the upcoming upgrade. Provide information about the benefits, timeline, and any potential impact on their workflows.
  7. Obtain the Latest Version: Obtain the latest version of Symantec Endpoint Protection from the official Symantec website or through your authorized Symantec partner. Ensure that you download the correct version for your operating system, and don’t let outdated technology slow your business down.
  8. Read the Upgrade Documentation: Carefully review the upgrade documentation provided by Symantec. Follow the step-by-step instructions and pay attention to any specific considerations or prerequisites mentioned.
  9. Perform the Upgrade: Execute the upgrade process on a test system or a small group of endpoints first, ensuring that everything functions as expected. If successful, proceed with upgrading the remaining endpoints according to your plan.
  10. Post-Upgrade Testing and Validation: After the upgrade, perform thorough testing to validate the functionality of Symantec Endpoint Protection. Test key features and policies, and ensure that endpoints are adequately protected.
  11. Monitor and Troubleshoot: Monitor the upgraded environment closely for any issues or unexpected behavior. Address any problems promptly and seek assistance from Symantec support if necessary.

Remember to consult the official Symantec documentation and support resources for detailed guidance tailored to your specific version and environment.

Cloud-based Alternatives offer Better Endpoint Protection Solutions

Traditional endpoint protection software is limited by the local device resources and the need to minimize performance degradation.  Instead of using a database with megabytes or gigabytes of information, cloud-based solutions compare file content and behaviors against terabytes of information, improving accuracy and dramatically reducing risks. The footprint on the endpoint can be significantly less, avoiding the performance impact of most endpoint protection software. Cloud-based endpoint protection solutions offer the ability to protect users across devices — PC, Mac, iOS, and Android — through a single system and management console.

Leveraging a cloud-based endpoint protection solution can improve your protection against current and evolving risks, at a more cost-effective price.

Our Recommendation

We recommend Webroot SecureAnywhere as our preferred solution for several reasons:

  • Webroot is better at catching behavioral malware, such as ransomware
  • Webroot can coexist with or replace your current endpoint protection solution
  • Webroot can protect individual devices, or users across multiple devices and device types
  • Webroot has a small, secure footprint that does not create performance issues

Other Best Practices for Endpoint Protection

Implementing best practices for endpoint protection is crucial to safeguarding your devices and data from security threats. Here are some key practices to consider:

  1. Use a Robust Endpoint Protection Solution: Deploy a comprehensive endpoint protection solution that includes antivirus/anti-malware, firewall, intrusion prevention, and other security features. Regularly update the solution with the latest security patches and definitions.
  2. Keep Operating Systems and Software Up to Date: Ensure that all endpoints have up-to-date operating systems and software applications. Enable automatic updates to receive the latest security patches and bug fixes, reducing the risk of vulnerabilities being exploited.
  3. Employ Multi-Factor Authentication (MFA): Implement MFA for accessing critical systems and sensitive data. MFA adds an extra layer of security by requiring users to provide additional verification factors, such as a password and a temporary code sent to their mobile device.
  4. Enforce Strong Password Policies: Enforce the use of strong, unique passwords across all endpoints. Encourage the use of password managers to facilitate the creation and management of complex passwords. Consider implementing password expiration and complexity requirements.
  5. Educate Users about Security Awareness: Conduct regular training sessions to educate users on common security threats, such as phishing, social engineering, and malicious attachments. Teach them to recognize and report suspicious activities to help prevent breaches.
  6. Implement Least Privilege Principle: Assign users the least privileges necessary to perform their tasks effectively. Limit administrative access to only those who require it. Regularly review and revoke unnecessary privileges to minimize the risk of unauthorized access.
  7. Enable Endpoint Encryption: Encrypt data on endpoints, especially laptops and mobile devices. Full disk encryption helps protect sensitive information in case of theft or loss. Additionally, consider encrypting data during transmission using secure protocols (e.g., HTTPS).
  8. Regularly Back Up Endpoint Data: Perform regular backups of critical data on endpoints. Use both local and off-site backups to ensure data availability and quick recovery in the event of data loss or ransomware attacks. You may also consider evaluating SaaS backup solutions.
  9. Implement Network Segmentation: Segment your network to limit the lateral movement of threats. Divide your network into logical zones with restricted access controls and monitor traffic between segments for potential threats.
  10. Monitor and Analyze Endpoint Activity: Implement endpoint detection and response (EDR) solutions to monitor and analyze endpoint activities in real-time. This helps identify and respond to suspicious behavior, malware, or breaches promptly.
  11. Regularly Conduct Vulnerability Assessments and Penetration Testing: Perform regular vulnerability assessments and penetration testing to identify and address potential weaknesses in your endpoint security infrastructure. This helps proactively identify and remediate vulnerabilities before they are exploited.
  12. Establish an Incident Response Plan: Develop and document an incident or breach response plan outlining the steps to be taken in case of a security incident. Regularly review and update the plan to ensure its effectiveness and alignment with emerging threats.

Upgrade Your Endpoint Protection Today

Try Webroot SecureAnywhere for free for 21 days and let’s see if your current solution is missing any risks. If you like what you see, we can save you money on licenses and support.  If not, we discontinue the service. Get in touch today to see how we can help with endpoint protection and other data protection and security needs.

Security Alert: New Malware Wipes Hard Drives to Prevent Detection

As first published on ZDnet’s Zero Day Blog, Cisco Systems’ Talos Group has identified a new strain of malware that will render systems useless to avoid detection and analysis.

Named Rombertik, the spyware collects data on everything a victim does online, indiscriminately, without focusing on specific areas such as online banking or social media.

Most concerning, however, are Rombertik’s built-in defenses. If the virus detects that it is being analyzed, it will attempt to overwrite the Master Boot Record, rendering the PC inoperable. If that fails, the virus will destroy all files in a user’s home folder by encrypting each file with random keys.

In short, once infected, it is nearly impossible to remove without rendering your PC useless.

As Rombertik infection rates are still low, the best protection is good security practices:

  • Make sure your anti-virus software is up to date and switch to (or add) a cloud-based AV solution with continuous updates.
  • Do not click on attachments from unknown senders
  • Block email attachments that include executable scripts or code

While these steps are helpful, a defense-in-depth approach is best at identifying and preventing malware, particularly for viruses that are designed to evade detection.


If you would like to verify the robustness of your anti-virus protection, we can add a cloud-based layer of protection at no cost for a month and help you analyze your results. Contact us for additional information.

Click these links to learn more about our Webroot solutions and additional data protection and security solutions.


 

Ransomware Still Crippling “Protected” Networks

The rate of infections from crypto-viruses and other ransomware continues to rise. Even networks with traditionally strong malware protection are getting caught.

And while it is possible, with good backups in place, to recover without paying the ransom, the process is time-consuming, frustrating, and expensive.

We outline the reasons for the broad failure of anti-virus/malware protection software in this prior blog post, providing 5 failings of most antivirus solutions.

Now, we are offering a risk-free way to assess if your malware protection is up to par.

The Offer

We will install Webroot SecureAnywhere Endpoint Protection, a cloud-based malware protection service that avoids the 5 failings of other solutions, at no cost for 30 days. Based in the cloud, Webroot will not interfere with your current protections.

At the end of the 30 days, you will see what malware, if any, was caught by Webroot that your existing solution has missed.

If your existing solution is not up to par, and you want better protection, we can activate a full subscription to Webroot for you at $18 per year per device or less (more than 25% off).

Simply contact us if you are willing to see if your protection is enough, or if you would like more information.

The Impact of This Week’s Malware News

For the first time, Mac users are struggling with a serious, widespread malware outbreak for Mac OS. As reported by ZDnet, Apple is struggling to define its role as customers unaccustomed to these types of problems search for answers and help.

Also, this week, Microsoft announced that 1 in 14 Internet downloads is Windows malware.  According to ZDnet, Microsoft shared the data, gathered from anonymous security reports, to tout the security features of IE9.

Both of these events give us serious pause, as they should for you.

In today’s world, the most likely way for your computer to catch a virus or other malware is through web site visits and downloads. At the same time, many webmasters are unaware that hackers have compromised their sites.

Desktop and email spam and virus protection are no longer sufficient. Web security and active web filtering are an essential security component. If you don’t have a web security solution in place, you are neglecting one of the largest risks to your network, systems, and data.

Fortunately, you have more web security options than you may think.  Web security no longer means committing to hardware, software, and firewall upgrades.  Cloud-based web security services offer greater protection at a lower cost, and require less administrator time.

Want to know more?  Contact us and we will schedule a call.