Polish Up Your Best Practices Around Alerts and Remediation: Protect Against Malware
This is the third installment of our series on best practices around alerts and remediation for remote monitoring management. In this post, we’ll address malware and what you need to do to keep your network devices secure.
It’s no secret that people choose Mac computers for business because their devices deliver a best in class OS, a famously intuitive user experience, and superlative device security measures. But if you run an IT department for any organization, you also know that the bad actors creating malware don’t exempt any brands from their attacks.
Mac computers have been increasingly targeted in the past year. The MalwareBytes’ 2020 report included shocking statistics about the pace of malware growth: they detected an average of 11 threats per Mac endpoint in 2019, which was nearly twice the average number of threats per endpoint on Windows devices.
Thanks to Apple’s silent anti-malware tool, this change may not be something that most Mac computer users are aware of day to day, but the misconception that Apple computers are immune to malware is crumbling and IT admins need to have a game plan to mitigate this risk. Here’s what your team needs to consider when it comes to mitigating the threat of malware in an enterprise environment.
Step 1: Know What’s on Your Network and Devices
This may seem like a step away from alerts management to those of you who already use a mobile device management (MDM) solution, but it is the first step toward mitigating the risk of malware. This is worth reiterating: the first step to mitigating the risk of malware impacting Apple devices on your network is to know what’s on your network.
Apple device management tools make it easy to see what devices are enrolled in your organization, and with Apple’s Automated Device Enrollment, you can get a clear view of which software applications are on each device. It’s a lot of information, but with a mobile device management solution, it’s easy to navigate on one single pane of glass (by which we mean your screen).
Step 2: Have the Right Software to Mitigate the Risk of Malware
Once you have an inventory of the Apple devices network, you need to make sure you have the right anti-malware installed on all of them.
As Apple enthusiasts, we’ll be the first to agree that Apple security is superlative, but hackers and people designing malware in back rooms are specialists in what they do too. To get out ahead of risks, it’s important to have the right software installed on all Apple devices on your network.
One of the benefits of using a mobile device management solution is that it can partner with anti-malware or antivirus software solutions and roll them out in tandem. Addigy partners with MalwareBytes, which can help you deploy solutions that are anti-malware on their devices across your fleet, install it on new devices, and ensure that it is turned on for every Apple device in your environment. (This is where alerts management comes in.)
This same MDM solution allows you to push this software out to all devices on your network and within just a couple of clicks, monitor your network devices for any malware and automatically remove it from impacted devices.
Step 3: Remove Known Threats and Back This Up with Monitoring and Alerts
As with any application, antimalware software must be installed and regularly updated in order to work as intended. To this end, you should set up alerts to inform you if any device on your network has fallen out of compliance with your antimalware software requirements.
This can be accomplished by setting up a device fact to trigger an alert if a ticket was created with the device name and what threat was detected. Because alerts and remediation for any macOS device can be scripted and customized, you can also set this up to integrate with your alerts to create a ticket flagging if malware was detected so that you can communicate what’s going on to impacted end users.
This last step can be a powerful conversation: this can provide education for end users who may have accidentally downloaded malware and reinforce that your IT team is on call to support their needs.
The information your IT team will gain from this alert is also helpful in reporting: it will let you know what malware was found, how many were remediated, and if any were not automatically remediated. Analyzing this data will help you identify larger patterns and vulnerabilities that you may need to address in the short or long term.
Alerts Help Your Team Proactively Mitigate the Risks of Malware
With a proactive approach to monitoring and remediation, a mobile device management solution can enable you to automate the removal of malicious applications and whitelist your anti-malware software. The second of these means that end users won’t be prompted to give permission to run a security program. This invisible background security a boon to end users, and it won’t alarm them with pop-up questions and reminders.
By remotely managing your devices and the antimalware software on them, your IT team also gets to play hero. There’s little satisfaction as soothing as the response you get from users after sending an informative email that lets them know that a risk was identified and that it has already been eliminated.
Get out ahead of malware and stay on top of risks in your environment with a simple system of alerts and remediation.