Embed Size (px)
Citation preview
Small Business Security EssentialsStay ahead of the game on security
Learn what the Small Businesscyber-threat landscape looks liketoday so your business can survive;reduce operational costs and growsecurely; make security a priorityfor everyone, and protect yourbusiness with Cisco.
As your business grows, it gets noticed and notall of the attention is welcome. More and moresophisticated criminal gangs are going aftersmall businesses.
43%of cyberattacks target small businesses. [1]
60%of them will be forced to close as a result. [1]
Cisco Annual Cybersecurity Report 2018 ‘Cisco ACR 2018’
$2,235,018 per year
The average amount Small Businesses spent in theaftermath of a cyber attack or data breach due todamage or theft of IT assets and disruption tonormal operations.
It’s a bitter truth that means your business' survivaldepends on understanding cyber security.
Threats are becoming moresophisticated
Hackers know your weaknesses and how toexploit them
Fewer of today’s hackers are in it ‘just for fun’or a challenge. Most are money motivated,highly organised and seldom work alone.Attackers are agile, while businesses can’talways say the same. Especially when they’vejust been ‘making do’ with security.
‘A hacker’s goal is to steal credit cardinformation, email addresses, usernames andpasswords. Anything that can be sold on to ahigher bidder. How they do it may include someof the following techniques.
Ransomware
Attackers can hold businesses virtually hostage,with ransomware; a ruthless practice. Ransomwareremotely encrypts your files without your consent.Some forms of ransomware are programmed tospread across the network.
Instead of requiring a recipient to open an emailattachment or click on a link, current trends inransomware—such as WannaCry, which began inMay 2017—enable malicious code to betransmitted between networks without userinteraction. “WannaCry is the first one tocompletely automate,” says Craig Williams, asenior security outreach manager at Talos, thesecurity research arm of Cisco.
WannaCry affected more than 200,000 computersworldwide, and may cause an estimated $4 billionin losses. WannaCry gets installed through avulnerability in the Microsoft Small Businessprotocol and is particularly effective in olderWindows environments, such as Windows XP,Windows Server 2003 and Windows 8. Microsofthad already released a security update to patch
this vulnerability, but not all users wereautomatically protected.
Small Businesses held to Ransom
Fifty-two percent of the SmallBusinesses—participating in the PonemonInstitute’s 2017 State of Cybersecurity in Small andMedium-Sized Businesses (SMB)report—experienced either a successful orunsuccessful ransomware attack in a 12 monthperiod. Once the infection is complete, a messagewill appear on your screen, demanding that youpay a ransom in bitcoins for the release of yourdata. A typical ransom can be anywhere from£200 to £10,000, but some victims have ended uppaying a lot more.Recent headlines show a new generation ofthreats going viral on a global scale andproliferating more quickly than ever. Cisco Talosthreat research group uncovered a threat, calledVPNFilter, that compromised more than 500,000small office/home office routers and networkattached storage devices around the world. Ciscodevices were not among those affected. This
complex threat allows the actor to inspect trafficthat is passing through the devices, to steal filesoff network backup drives, and potentially pivotonto connected corporate networks.
Cyber criminals understand their targets — down totheir likes and dislikes and how they conductbusiness. They know what they will pay for theirdata to be released, and they exploit any weaknessthey find ruthlessly.
Business Email Compromise (BEC)
Business email compromises (BEC) are 75% moreprofitable than ransomware. Despite that, theydon’t get as much publicity.
BEC are targeted attacks, in which hackers usesocial engineering to trick people into transferringmoney to them. There is no malware, there are noattachments. Unlike ransomware attacks, theydon’t take any data from their victims. It’s all basedon lies and misdirection.
Typically, hackers spend some time researchingtheir targeted company and start building a profile.After they know enough, they may send spearphishing emails to senior members of staff, often inthe finance department. It needs to be someonewith the authority to transfer the money. The biggerthe company, the more money they can make.However, attacks targeting small and medium-sized companies are on the increase.
The bigger the company, the more money theycan make. However, attacks targeting smalland medium-sized companies are on theincrease.
Data Breach
Data is at the heart of everything your companydoes: it’s your intellectual property, your next bigbreak, your customer records, your revenue. Abreach costs much more than just fixing outagesand damaged systems.
Building a strong security posture can help protectyour intellectual property and your reputation. Onaverage, it takes organisations 191 days to detecta breach and 66 days to contain it. (Source:Ponemon Institute). Yet the key to damagelimitation is early detection.
Cisco's median time-to-detection is 3.5 hours. If abreach happens, Cisco Incident ResponseServices experts are available within hours to helpyou contain it and fix the root causes.
Supply chain attacks
Supply chain attacks are an emerging and growingcyber threat, which demonstrates how skilledcyber criminals have become. What happens isthat the bad guys compromise the software updatemechanisms of (otherwise legitimate) softwarepackages. That then allows them to piggy-back onthe distribution of genuine software.
Crucially, the cyber criminals will target a businessin the supply chain with weak cyber securitypractices – especially when it comes to sharinginformation. This is why small businesses often gettargeted.
Once they’ve identified the weak link, the attackercan then focus on the exploitation of the ultimate,intended target.
Defend vs attackers everywhere
Don't let attackers sidetrack your business. Fightthem at all the places where they try to get in. Oursolutions protect you from the DNS layer to emailto the endpoint. And they are backed by industry-leading Talos threat research.
What to do
If you have a place in a supply chain, ask yourvendors/partners how they secure their supplychains. Ask them about their developmentpractices and their internal security controls. Howdo they roll out patches and updates to theirinternal systems, and how often? How do theysegment and secure their development, QA, andproduction environments? How do they vet theirpartners and vendors?
And be sure to ask all of these questions of yourown organisation, or you could find that it’s yourorganisation that is the weakest link in the supplychain.
More info about supply chain attacks:https://gblogs.cisco.com/uki/protecting-against-supply-chain-attacks/
Too many businesses have a ‘stackingproblem’
Some businesses just don’t have a clear cybersecurity strategy. They make do with a solutionuntil it becomes a hindrance.
Others attempt to cover all bases and end up witha stacking problem. A stack of various pointsecurity solutions from different vendors, all inplace at once. Both situations spell trouble.
The patchwork of incompatible security technologyleaves gaps, creates management headaches andmakes inefficiencies upon which hackers thrive.Each new security solution comes with anothermanagement interface. Each new solutiondemands human resources, management hours toset up, set policy, respond to alerts and it’s notalways clear whether the extra security outcomeyou gain is worth all the extra effort you are puttinginto managing that solution - rather than focusingon bigger problems elsewhere.
You may have added complexity without muchoverall incremental effectiveness. This situationisn’t helped by the fact that security is still seen asprimarily an ‘IT issue’. According to the CiscoSecurity Benchmarks Study, some organisationsdon’t particularly agree that line of businessmanagers are engaged with security. The attitudeis too often, ‘Security is IT’s problem.’ This is a realissue, because it means that security often gets‘bolted on’ rather than embedded in a company’secosystem. Cutting corners creates more work.
Done right, security can be a business enabler. Aplatform for growth.
The ‘attack surface' is getting larger,and more complicated
We work everywhere: at home, in the office,airports, coffee shops. Yet traditional securitysolutions still focus on protecting employees onlywhile on the business network.
Picture the scene:
- Users are accessing your network from theirown smart devices, from wherever they are
- Your business apps, servers, and data are inthe cloud
- Devices that don’t even look like computersare connecting to your networks (think smartmeters, thermostats, printers, cameras...)
- And to thicken the plot, you need to figureout how to get security everywhere to securethis complex infrastructure
Shadow IT
Shadow IT is the practice of employees using anyapplications they fancy, without getting the ITdepartment’s approval. This can be anything frominstalling an instant messenger service onto a workdevice, to downloading their own file sharingsoftware and using it to transfer sensitive data.
Of the respondents participating in the PonemonInstitute’s 2017 State of Cybersecurity in Small andMedium-Sized Businesses (SMB) report thatexperienced a data breach, 54 percent saynegligent employees were the root cause—anincrease from 48 percent of respondents in theprevious year’s study.
Shadow IT can create huge security vulnerabilities,especially if you don’t know how far the problemextends. This kind of operation is like going for aswim in shark-infested waters wearing a meat suit.Yet it’s incredibly prevalent in businesses. So whydoes it happen?
In fairness to staff, it happens with best intentions.Workers want to improve their own levels ofproductivity and use the latest digital tools. Staffare not usually thinking about the securityimplications when accessing these applications.Sometimes, employees use Shadow IT toolsbecause they were used to certain systems in theirprevious organisation. After all, it’s easier thanlearning something new.
Shine a light on Shadow IT
It’s possible to turn shadow IT into a positivecontribution to your business:
• If you don’t already, set up a forum or an‘ideas on a postcard’ tool that allows youremployees to submit ideas that could improvethe running of the business. Reward peoplefor doing this, and celebrate when an ideabecomes reality.
• Effective security isn’t just about thetechnology – it’s also about setting the rightprocesses. Make security awareness afundamental part of your training programme,so that people understand the consequencesof using insecure devices and programmes.
• Knowing what’s happening in your network is ahuge priority in IT security. Unfortunately, mostbusinesses don’t know when a breach hastaken place, how it got in, or how bad thedamage is. Reverse that.
Password Policy
Robust passwords continue to play an essentialrole in small busines cybersecurity. Yet 59 percentof respondents in the current Ponemon report—thesame percentage as the previous report—say theydo not have visibility into employee passwordpractices, including the use of unique or strongpasswords.
Respondents also say that password policies arenot strictly enforced. If a company has a passwordpolicy (43 percent of respondents do), 68 percentsay it is either not strictly enforced or they areunsure how well it is administered.
Growth requires security
Cyber Weakness Hurts Innovation
Deflecting cyberattacks is certainly a pressingconcern, but a more troubling outcome of weakcybersecurity is its impact on company growthand innovation.
In a recent study by Cisco, a stunning 71percent of executives said concerns overcybersecurity had impeded innovation at theircompanies. Among respondents, 39 percentsaid they had halted mission-critical initiativesdue to cybersecurity issues. These responseshighlight how cybersecurity weakness impedesthe ability of firms to innovate at precisely thetime they need to do so to compete.
Digitisation, disruption, and exponential changehave become the new normal of an intenselycompetitive business environment. Nimblebusinesses can establish a clear lead over thecompetition if they can innovate, move quickly, andreward experimentation.
A Breach Impacts More Than the Bottom LineFailing to secure your network can have far-reaching consequences, including: downtime,equipment damage and replacement, incidentresponse, forensic investigation, internal audits andcommunications.
A loss of customer confidence can permanentlydamage a previously strong revenue stream.Losing your customers’ data may result in legalaction, fines, increased regulation and remediationcosts. Yet the damage does not stop there. Forexample, if a retailer suffers a data breach,customers may not feel comfortable sharingpersonal information anymore.
Your business can gain a decisive advantageby harnessing:
- Established technologies such the web,mobile, cloud, enterprise resourcemanagement, and customer relationshipmanagement
- Fast developing technologies like artificialintelligence and data analytics
These technologies help businesses betterconnect with their customers, reach new markets,and enhance worker productivity, while alsoboosting revenues and cutting costs. Cybersecurityconcerns can hinder the pursuit of some digitalbusiness models and innovations.
Damned if you do and damned if you don’tMany business people have a bad choice. A risk ofgetting it wrong or a risk of getting left behind.They feel they must continue to press forward or
They feel they must continue to press forward orrisk being overtaken by digital disruptors and otheragile competitors. In our survey, 73 percent ofrespondents admitted they often embraced newtechnologies and business processes, despite thecybersecurity risk.
Sub-par cybersecurity leaves businesses in theworst possible competitive position: not innovatingfast enough to compete, yet not safe enough fromcyber attack, despite delaying digital innovations.
How would a security breach or a ransomwareattack affect your business?
What is the potential financial impact of anetwork outage due to a security breach,or loss of access to data and systemsdue to a ransomware attack?
- Could a security breach or ransomwareattack disrupt your supply chain?- What would happen if an attack caused yourwebsite to go down?- Does your company rely on e-commercefeatures on its website?- How long could the site be down before yourbusiness lost money?- Is your company insured against cyberattacks, or against the misuse of yourcustomers’ data? Is this insurance adequate?- Does your company have backup andrecovery capabilities to restore information, ifnecessary, after a security breach or loss ofdata due to a ransomware attack?
Digital Value at StakeDigital Value at Stake is a way to place a value onsecurity. It is based on entirely new sources ofvalue emanating from digital investments andinnovation, and value shifting among companiesbased on their ability to harness digital capabilities.
Part of the Digital Value at Stake comes from thedefensive side of cybersecurity, such as:
• Protection of intellectual property• Reduction of compromised data (both internal
and customer information) Increased businessuptime and reduced network downtime
• Protection of financial assets• Safeguarding of sensitive government,
national, and political information• Preservation of business reputation
Get the full picture. Read Cisco’s Ultimate Guide toCybersecurity to Drive Profitability.
A secure platform for growthCisco’s integrated security architecture helpsbusinesses: to improve security effectiveness byminimising the time to detect threats and resolveincidents, to drive savings (in both capital outlayand operational expenditure) and improve IT staffproductivity.
Getting everyone on boardwith cybersecurity
Make security a priority for everybody
Sometimes it takes a big hit for everybody toget on board with cybersecurity initiatives.
60% of small businesses who suffer acybersecurity breach are forced to close.Which means, for you especially, prevention isbetter than cure.
Present the risk factors specific to your companyHelp your board understand the security threatsthat could affect your particular organisation. Don’tspend too much time presenting generic trendsand statistics. Instead, help them see theconnection between those security trends and thechallenges that are very specific to your businessand industry. The more context you can provide,the more relevant it will be to your board.
For example, you can talk to them about yourcompany’s biggest source of revenue and givethem examples of how security threats such asransomware could pose a threat. If your companykeeps sensitive data such as financial records, youcould you show examples of the legal implicationsand fines your organisation could incur if such datawas publicly released.
Show them how an attack works, how easy it canbe to compromise security. Give them realexamples of the issues you are already facing aswell as the risks and the long-term effects thatthose problems could have.
Quantify everything
Executives like their metrics and numbers. It is,therefore, important that you align your securitypriorities to your company’s goals and deadlines.Acknowledge their business and IT priorities andshow how security will help them achieve it.
Show also the flip side: how a security incidentcould put their plans at risk. For example, if you areabout to launch a new product, what is thepotential damage to your business of having thatintellectual property made public or destroyed?
In fact, it doesn’t need to be a hypothetical issue. Ifyou can quantify how existing security issues arealready costing your business, then that makes foran even better argument.
Repeat, repeat, repeat
It is unlikely that you will get everything you needfrom a one-off conversation. Make yourcommunication simple and frequent. Establishregular catch-ups and report often on relevantmetrics. Don’t be afraid to repeat yourself and tryout a few different angles until the message getsacross and you secure the funds and support youneed.
How GDPR will help
In many cases, security professionals struggle tospeak the same language as their board ofexecutives and help them understand why theyneed to prioritise investment in security. When apublic cyber attack happens and executives seethe multidimensional damage it causes, then thosereasons to invest become crystal clear.Conversations (and changes) happen at a muchfaster pace when everyone understands the issue.
This is where laws such as the GeneralData Protection Regulation (GDPR),which took effect in May 2018, can helpimprove security.
Companies that are already investing in securitymay not have a lot to worry about, as they areprobably well on the way to being compliant (onthe security side of GDPR). On the other hand, forthose organisations that have been struggling tosecure funds to invest, GDPR offers a greatopportunity to get security professionals and topleaders on the same page. New legislations suchas this are forcing minimum standards on
companies, which will help support greatertechnology innovation in the future.
Data privacy and IT security are not only regulatoryrequirements, but also customer demands. It isbecoming more frequent for companies to getquestions from their customers about how they arehandling their data. There is a relationship of trust,an assumption that the company receiving theirdata will take good care of it. The law is just thereto ensure that companies are doing all they can tohonour that trust.
Protect your business with Cisco
Network Security
What is Network Security?Network security is any activity designed toprotect the usability and integrity of yournetwork and data. It includes both hardwareand software technologies. Effective networksecurity manages access to the network. Ittargets a variety of threats and stops them fromentering or spreading on your network.
How does network security work?Network security combines multiple layers ofdefenses at the edge and in the network. Eachnetwork security layer implements policies andcontrols. Authorized users gain access tonetwork resources, but malicious actors areblocked from carrying out exploits and threats.
How do I benefit from network security?
Digitization has transformed our world, how welive, work, play, and learn. Every organization thatwants to deliver the services that customers andemployees demand must protect its network, andits proprietary information from attack. Ultimately itprotects your reputation.
6 steps you can take to secure your network
1. Monitor the traffic coming in and going outyour firewall and read the reports carefully.Don’t rely on alerts to flag dangerous activity.Make sure someone on your teamunderstands the data and is prepared to takethe necessary action.
2. Keep an eye on new threats as they’rediscovered and posted online. For example,the Cisco Talos blog provides instant updateson new threats, vulnerabilities and a detailedweekly threat roundup. Trend Micro’sTrendWatch site tracks current threat activity.Also, you can have the U.S. ComputerEmergency Readiness Team (US-CERT, a
division of Homeland Security) email alerts toyou about recently confirmed softwarevulnerabilities and exploits.
3. Enable regular updates for your firewall andanti-virus software.
4. Train employees on an ongoing basis so theyunderstand any changes to your acceptable-use policy. Also, encourage a ”neighborhoodwatch“ approach to security. If an employeenotices anything suspicious, such as not beingable to log into an email account right away,he or she should notify the appropriate personimmediately.
5. Install a data protection solution. This type ofdevice can protect your business from dataloss if your network’s security is breached.
6. Consider additional security solutions that willfurther protect your network as well as expandyour company’s capabilities.
Types of Network Security
Access control
Not every user should have access to yournetwork.To keep out potential attackers, you needto recognize each user and each device. Then youcan enforce your security policies. You can blocknoncompliant endpoint devices or give them onlylimited access. This process is network accesscontrol (NAC).
Application security
Any software you use to run your business needsto be protected, whether your IT staff builds it orwhether you buy it. Unfortunately, any applicationmay contain holes, or vulnerabilities, that attackerscan use to infiltrate your network. Applicationsecurity encompasses the hardware, software, andprocesses you use to close those holes.
Antivirus and antimalware software
“Malware,” short for “malicious software,” includesviruses, worms, Trojans, ransomware, andspyware. Sometimes malware will infect a networkbut lie dormant for days or even weeks. The bestantimalware programs not only scan for malwareupon entry, but also continuously track filesafterward to find anomalies, remove malware, andfix damage.
Data loss prevention
Organizations must make sure that their staff doesnot send sensitive information outside the network.Data loss prevention, or DLP, technologies can stoppeople from uploading, forwarding, or even printingcritical information in an unsafe manner.
Behavioral analytics
To detect abnormal network behavior, you mustknow what normal behavior looks like. Behavioralanalytics tools automatically discern activities thatdeviate from the norm. Your security team can thenbetter identify indicators of compromise that posea potential problem and quickly remediate threats.
Email security
Email gateways are the number one threat vectorfor a security breach. Attackers use personalinformation and social engineering tactics to buildsophisticated phishing campaigns to deceiverecipients and send them to sites serving upmalware. An email security application blocksincoming attacks and controls outbound messagesto prevent the loss of sensitive data.
Firewalls
Firewalls put up a barrier between your trustedinternal network and untrusted outside networks,such as the Internet. They use a set of definedrules to allow or block traffic. A firewall can be
hardware, software, or both. Cisco offers unifiedthreat management (UTM) devices and threat-focused next-generation firewalls.
Intrusion prevention systems
An intrusion prevention system (IPS) scansnetwork traffic to actively block attacks. CiscoNext-Generation IPS (NGIPS) appliances do this bycorrelating huge amounts of global threatintelligence to not only block malicious activity butalso track the progression of suspect files andmalware across the network to prevent the spreadof outbreaks and reinfection.
Mobile device security
Cybercriminals are increasingly targeting mobiledevices and apps. Within the next 3 years, 90percent of IT organizations may support corporateapplications on personal mobile devices. Ofcourse, you need to control which devices canaccess your network. You will also need toconfigure their connections to keep network trafficprivate.
Network segmentation
Software-defined segmentation puts networktraffic into different classifications and makesenforcing security policies easier. Ideally, theclassifications are based on endpoint identity, notmere IP addresses. You can assign access rightsbased on role, location, and more so that the rightlevel of access is given to the right people andsuspicious devices are contained and remediated.
VPN
A virtual private network encrypts the connectionfrom an endpoint to a network, often over theinternet. Typically, a remote-access VPN usesIPsec or Secure Sockets Layer to authenticate thecommunication between device and network.
Web security
A web security solution will control your staff’sweb use, block web-based threats, and denyaccess to malicious websites. It will protect yourweb gateway on site or in the cloud. “Websecurity” also refers to the steps you take toprotect your own website.
Wireless security
Wireless networks are not as secure as wiredones. Without stringent security measures,installing a wireless LAN can be like puttingEthernet ports everywhere, including the parkinglot. To prevent an exploit from taking hold, youneed products specifically designed to protect awireless network.
Talos Threat Intelligence
Talos is Cisco’s industry-leading threat researchand intelligence team, and every Cisco securityproduct is protected through Talos. Talos has morethan 250 threat researchers working round theclock and across the globe, with a repository of
100 terabytes of threat intelligence.
We see a third of the world’s email traffic dailyand over 2 percent of the world’s DNSrequests. We encounter over 1.1 millionunique malware samples each day through ourAdvanced Malware Protection (AMP) andthreatGRID technology, which allows us toblock 19.7 billion threats a day on ourcustomers’ networks.
That’s right-19.7 billion threats blocked a day.
Such vast knowledge and research capabilitiesunderwrite Cisco’s cybersecurity solutions, whichoffer the visibility, automation, flexibility, andscalability required to protect your networkenvironment against increasingly sophisticatedthreats.
Cisco Umbrella
A cloud security service that provides built-inprotection for your internet service
Cisco Umbrella is a cloud security service thatprovides built-in protection against attacks overyour internet connection, helping you mitigate thetime and cost spent dealing with cyber attacks.
The solution provides proactive protection against
threats on the internet, such as malware, botnetsand phishing attacks. It helps keep your businesssafe by delivering clean traffic before it reachesyour internal network, effectively learning whereattacks are being staged, and blocking threats overall ports and protocols. You can be confident thatwith secure internet access, you are protected witha first layer of defence against malware.
Cisco Umbrella provides visibility into all internetrequests across your network, across every port,protocol or app to uncover and block connectionsto malicious domains and IP's. See why smallbusinesses are realizing the security multipliereffect by using DNS to complement existingsecurity measures. What attacks aren’t youseeing?
Next Generation Firewall
A traditional firewall is able to control the traffic atthe point of entry or exit within the network. Inother words, it’s the drawbridge between your ownbusiness and the ‘great unwashed’ of the rest ofthe internet.
This was perfect for those simple times – backwhen you used to be able to see everything thatwas latching onto your network. Now, businessesare increasingly playing host to a myriad ofunknown devices, and a deep dark sea of cloudapplications which are downloaded by employees.
The main difference with a next generation firewallis that you can set application controls andpolicies. For example, if a member of your staffdownloads some file sharing software that may beunsecure, this will be automatically be made visibleand you can do something about it instantly.
Plus, overall you will gain far more visibility andcontrol over the users, devices, threats, andvulnerabilities in your network. So when your boardasks you, “Are we secure?” you can provide amuch more comprehensive answer than if youhave a traditional firewall that only controls traffic.
Learn more about Next Generation Firewalls or findthe best Next Generation Firewall for you.
Advanced Malware Protection
Next-generation endpoint security
Next-generation endpoint security is theintegration of prevention, detection, andresponse capabilities in a single solution,leveraging the power of cloud-based analytics.Cisco AMP for Endpoints is a lightweightconnector that works on your Windows, Mac,Linux, Android, and iOS devices.
Cisco AMP for Endpoints provides comprehensiveprotection against the most advanced attacks. Itprevents breaches and blocks malware at the pointof entry, then rapidly detects, contains, andremediates advanced threats that evade front-linedefenses and get inside your network.
Prevent: Strengthen defences using the bestglobal threat intelligence, and block bothfileless and file-based malware in real time.
Detect: Continuously monitor and record allfile activity to quickly detect stealthy malware.
Respond: Accelerate investigations andautomatically remediate malware across PCs,Macs, Linux, servers, and mobile devices(Android and iOS).
It can use the public cloud or be deployed as aprivate cloud. AMP continuously monitors andanalyzes all file and process activity within yournetwork to uncover the 1 percent of threats thatother solutions miss. AMP never loses sight ofwhere a file goes or what it does. If a file thatappeared clean upon initial inspection ever exhibitsmalicious behavior, AMP is there with a full historyof the threat’s behavior to catch, contain, andremediate.
Discover Unknown Threats
AMP’s built-in sandboxing technology analyzes thebehavior of suspicious files and correlates itagainst other information sources. File analysisproduces detailed information to give you a betterunderstanding of how to contain the outbreak andblock future attacks.
When a file is deemed malicious, AMP drasticallyreduces the amount of time and resourcesrequired to investigate. It automatically providesinsight into your most pressing questions,including:
• What happened?• Where did the malware come from?• Where has the malware been?• What is the malware doing now?• How do we stop it?
With a few clicks in AMP’s browser-basedmanagement console, the file can be blocked fromrunning on all endpoints. Cisco AMP knows everyother endpoint the file has reached, so it canquarantine the file for all users. With AMP, malware
remediation is surgical, with no associatedcollateral damage to IT systems or the business.
How to Stop and Quarantine a File with CiscoAMP:
Cisco Meraki
Cloud Managed Security & SD-WAN
100% centralized cloud management for security,networking, and application control.
Cisco Meraki Security Appliances can be remotelydeployed in minutes using zero-touch cloudprovisioning. Security settings are simple to
synchronize across thousands of sites usingtemplates. Auto VPN technology securely connectsbranches in 3 clicks, through an intuitive, web-based dashboard.
Comprehensive Security in a Single Box
Every Meraki Security Appliance supports severalfeatures, like a stateful firewall and integratedSourcefire intrusion prevention (IPS) engine, tokeep networks secure. Threat definitions and filterlists are seamlessly updated, ensuring every sitehas bleeding-edge protection from the latestvulnerabilities and troublesome websites.
Secure a Site in Minutes1. Add Meraki Security Appliance to dashboard.2. Enable intrusion prevention.3. Select desired threat protection level.
Find out more
For the latest insight and innovation, visit: CiscoTech Connection for Small Business or exploremore Cisco Small Business resources and CiscoSecurity to protect your business.
Thank you for reading
Small BusinessSecurity Essentials
Cookies Terms Privacy
