Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

20) Does your organisation use anti-malware controls to protect all of its endpoints and internal IT infrastructure?

August 30, 2022
IT Operations
Endpoint Protection

Answer yes if your organisation has deployed anti-malware solutions on all user endpoints and IT systems, and if these solutions receive regular signature updates and are configured to scan files regularly (at least daily). Please provide details of your malware protection solutions in the notes section.

An anti-malware solution is a tool that protects IT systems from malware (malicious code that hackers use to perform unwanted actions on your systems). Anti-malware solutions can be called anti-virus tools, or newer solutions are often called endpoint detection and response (EDR) tools.

Anti-malware tools typically work using two main methods, signature scanning and by using heuristics. Signature scanning involves your solution scanning all the files within your system to see if the files share a ‘signature’ with any know strains of malware. Therefore, it is important to ensure your anti-malware solution is continually up to date with the latest malware signatures.

Heuristic analysis involves the solution monitor your system and the files within it to identify behaviour that is indicative of a malware infection. This new approach doesn’t require the use of signatures and is more likely to spot strains of malware that are new and that haven’t before been seen in an attack (as these strains of malware won’t have a registered signature).

A good anti-malware solution will significantly reduce your IT security risk profile by providing users with protection from viruses and other malware, and solutions can often help prevent phishing attacks, block ads and spam, and ensure users systems are kept patched. Anti-malware should be deployed across all of your end points, mobile devices that have access to corporate information, and servers and systems within your production environments.

This is a control required to maintain a Cyber Essentials certification.

How to implement the control

In order to implement this control you need to implement and deploy an anti-malware tool on each of your organisation's endpoints, mobile devices, and production systems.

There are a number of anti-malware tools on the market, including Crowdstrike.

If you would like to contribute to this article or provide feedback, please email Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.