Multilevel Security Strategy Needed, but SMBs Face Tough Battle
While the new gateway will include features such as dynamic malware analysis and a cloud-based sandbox for finding the true nature of suspected malware, right now, it's important for companies to use the resources that are available. Some advanced solutions planned for introduction in the next few months, such as an incident-response service for use when a company is breached or a managed adversary service for use when a company is the victim of a targeted attack. These services are available on an engagement basis to any company, according to DePaoli. For SMBs, the arsenal of weapons isn't as extensive as it is for larger enterprises, but there are still steps they can take that are within their means. They include maintaining the existing endpoint protection software that's already in use. While antivirus is not the only solution, it's still essential as a first line of defense. Along with antivirus, small and midsize companies need to make sure they enable the advanced protection that's available, but not always turned on, as part of their endpoint security. They should also make sure all of their bases are covered by making sure to search for malware as well as viruses.
But ultimately, the best solution, according the DePaoli, is vigilance. "Don't click on things," he said, unless you already know what they are. But of course vigilance goes beyond just that. It includes auditing your existing security measures to ensure that they're still working, making sure your training reflects the latest threats and practices and making sure your software—all of it—stays updated. And unfortunately, there's no software out there that's a substitute for vigilance.