Threat Management Keeps the Monsters at Bay

Cyberattacks are becoming more sophisticated. Learn how organizations can up the ante with advanced protections for today's threats.

Let’s face it, cybercriminal activity that results in massive breaches and ransomware incidents continues to rise. Attackers only need one point of entry to inflict serious damage and with the ever-increasing evolution to a remote workforce, corporate security has the potential to be greatly compromised, leaving organizations exposed. Unauthorized access to even one employee’s device has the potential to open the door to all your organization’s networks and cloud environments. Even with standard security measures in place, not all employees working from home adhere to corporate security policies 100 percent of the time, which leaves the door open for compromise.

As the attack surface changes and malicious parties become more sophisticated, organizations must evolve their security approach and harden their endpoint security infrastructure. Why? Protecting data, IP and the organization’s reputation against today’s threats – the ‘monsters’ threatening your organization – requires constant assessment and adaptation as attackers find new, less obvious targets to use.

Not doing so is much like leaving your physical home doors and windows unlocked, providing access to unwanted intruders. In general, you wouldn’t want to leave your doors unlocked. The same concept holds true for your employees’ computers/endpoints, which store invaluable information that cybercriminals are looking to steal.

Let’s illustrate how security solutions protect an organization using the physical home analogy. At home, we use safeguards like locks on windows and doors. Maybe you’ve even installed a doorbell camera, to track any nefarious activity. These are fundamental steps which help keep unwanted intruders from gaining access to your home (and flagging anyone who tries to gain access). From a corporate endpoint security operations perspective, companies can do the same by putting safeguards in place at their endpoints to help keep cybersecurity hackers and threats out of their organizations.

The first layer of enterprise protection is having a Next-Generation Anti-Virus (NGAV) and Extended Detection and Response (EDR) solution in place. Dell can provide these security defenses to your organization through its SafeGuard and Response portfolio of endpoint security solutions. Dell’s partnership with VMware allows customers to purchase Dell commercial PCs with VMware Carbon Black solutions. VMware Carbon Black Endpoint Standard includes NGAV and EDR to help defend your perimeter against malware, ransomware and non-malware attacks at the endpoints. These solutions protect your organization against the full spectrum of modern cyberattacks and provide the ability for your internal Security Operations Team (SecOps) to detect, prevent and respond to both known malware and unknown non-malware attacks.

Behavioral EDR solutions will record an event when it detects, or triggers an event in your system, much like your doorbell camera system when it detects movement – and when it stops seeing an event, it stops recording. Though this type of security allows your organization to take impacted device(s) offline for further investigation and/or remediation, it doesn’t provide the full context of the action/activity. Maybe you want to see what happened before or directly after the triggered action/event. Much like a home security system that’s always recording, Enterprise Detection and Response (EDR) solutions are in an always-recording motion – detecting all events so your company’s SecOps Team can go back in time to review and help remediate potential issues.

Dell SafeGuard and Response: VMware Endpoint Advanced solution extends security to Audit and Remediation, giving SecOps the ability to audit events and their device fleet for Windows versions, latest patches for example, so they can not only make decisions in the moment, but customize detections to harden the systems across the environment.

Again, thinking about your physical home, you may put up additional security measures that include a physical fence around the perimeter with extra security cameras that record all the time. Just like in your operational environment, Dell provides additional safeguard measures through its Secureworks partnership. Secureworks Taegis XDR (Extended Detection and Response) extends security beyond the endpoint or perimeter and into your network and cloud. It not only extends coverage, monitoring and detection beyond the endpoint – the Secureworks Taegis XDR solution provides extended detection and response to the network, enterprise and cloud. Dell SafeGuard and Response: Secureworks Taegis XDR helps simplify security operations so your security analysts can speed up response and minimize damage in one tool for all investigations without manually stitching data or bouncing between tools – and correlates security data from different security tools to validate and prioritize alerts.

Much like our home scenario, what happens when you are away? Sometimes you outsource your home security to a third party. The same holds true with endpoint security software monitoring and management. Though our SafeGuard and Response portfolio of endpoint security solutions enables your SecOps teams to do it themselves, an outsource option can be useful for IT teams that are already stretched. Through subscription-based service offers like Dell PC-as-a-Service (PCaaS), customers can leverage the built-in protections from commercial PCs, and add security services and the software-based protections provided for ongoing threat management under a predictable price per month.

Customers requiring additional support may opt for an outsourced managed service whereby Dell Security Analysts manage and support your security efforts, so your SecOps Team doesn’t have to do it alone. Dell provides its Managed Detection and Response (MDR) service, powered by Secureworks Taegis XDR analytics software, to help optimize your security posture. It fills gaps in knowledge and skillsets, allowing you to scale your systems and reduce the IT burden with 24×7 advanced threat detection.

Though cyberattacks have become a part of the ‘normal’ world in which we live, you don’t have to navigate cybersecurity efforts alone. You can proactively put defense measures in place to keep the monsters at bay. Dell SafeGuard and Response solutions are here to help. Visit the Dell Endpoint Security solutions page to learn more or contact your Dell Sales Rep.

Donna Beyersdorf

About the Author: Donna Beyersdorf

Donna Beyersdorf is an Endpoint Security Product Marketing Manager at Dell Technologies, responsible for the SafeGuard and Response Threat Management Portfolio, representing VMware Carbon Black and Secureworks Taegis solutions. Donna has an M.B.A. from Dowling College and a Bachelor of Science degree in Marketing from Florida State University. She brings with her 25 years of experience in product and channel marketing, sales and business development for the software and services industries. Prior to joining Dell, Donna held similar roles at leading technology providers such as Symbol Technologies, Motorola, Inc., Zebra Technologies and Computer Associates.