. . . and the importance of segregated response.
The latest edition of Executive Vice President, Michael Hartke’s article series!
In 2007 when I first joined infotex, coming from small to medium sized business general IT support into the world of cybersecurity, the one thing that was very hard for me to internally rectify was the fact that we DO NOT have nor want the “keys to the kingdom”. That was a big change for me. As someone’s business it was to make sure my Client’s systems were working properly and usually I was the one that had all the privileged access on their systems/network.
Now… with that being said, I was also very concerned with what I knew was “security,” but that mostly stopped at not writing down their passwords or basic hardening of servers and networks.
As we all know by now, that was just the tip of the cybersecurity iceberg. I was hooked. The controls introduced to me by infotex and the regulatory requirements of our Financial Institution Clients were extensive. It gave me a secure framework and rules of engagement.
However, the one area that continued to bother me was that in this new security framework, I no longer had those “keys” because segregation was now one of those key (pardon the accidental pun) controls. We ensure our monitoring transparency by not having that access. However, all we could do with that 3AM phone call was to ask our Clients to take action. That has always felt like a deficiency to me, not being able to “jump in and help”.
That was then…
Now with MDR/EDR, we have what we call Segregated Response. With the advancements of EDR/XDR/MDR and adding said layers to our security offerings we are now able to offer what we call segregated response while maintaining our independence, as we don’t have any elevated privileges to your infrastructure. By taking potentially malicious endpoints “offline” (the agent will kill world network access and only communicate with our SOC) to stop lateral movement, or simply to “pause” activity while our 24x7x365 SOC can investigate the issue.
Above and beyond this, our offering also adds NextGen Anti-Virus with continuous cloud updates and AI User Behavior Analytics and detection built in. Really that’s just the tip of this new iceberg and again we are hooked.
Original article by Michael Hartke. Executive Vice President, infotex
Interested in EDR/MDR services? Visit offerings.infotex.com to request more information!