As service providers we spend a lot of time talking to our clients about what something actually is. Technology – especially security technology – has become so complex that we find ourselves dedicating a large chunk of our time with customers explaining not just why they need it, but what it actually is.
EDR (endpoint detection and response) is a case in point. It sounds great, but what actually is it and why do customers need it?
In simple terms, EDR offers a means to detect and respond to threats at the endpoints, rather than inside the network. But how do we explain to customers that this means more than just a firewall and some antivirus software?
It’s a weathered mantra, but it remains key – education, education, education.
End user education is vital to ensuring that EDR is properly implemented within an organization. We have to ensure clients understand that threats very rarely come in uninvited. There is nearly always an end user involved when a breach is identified, so end user education is a vital aspect of security that must be incorporated into all EDR solutions.
We take a multi-layered approach to our EDR solution here at eGuard Tech, with not only end user education and antivirus, but also AI technologies that can seek out and analyze threats before they become an active breach. Along with this we ensure we configure DMARC, which builds on SPF and DKIM, and we monitor all customer endpoints via monthly reports. This enables us to identify any patching that is required and, crucially, which of those patches is critical.
Backup must also always be part of your EDR solution stack. Offer your customers a backup solution that has multiple restore points and an off-site replication.
The key to EDR is not to have any gaps. Its very purpose is to offer a comprehensive security solution that customers can rely on to do exactly what it says it will – detect and respond to threats at your endpoint before they get any further.