Table of Contents
Introduction
Remote working has many employees not only working from home but really from anywhere. Services necessary to work remotely such as VPN, cloud-based applications and internet access vary along with the reliability of those services. Inconsistent service availability means employees work both online and offline. As attacks against remote systems continue to surface, can endpoint security consistently keep a distributed organization safe?
Video
Offline Protection
One challenge many remote employees experience is inconsistent connectivity. From overworked corporate VPNs to unexpected traffic spikes to cloud-based applications and unreliable internet service, inconsistent availability can stop employees from connecting but not necessarily from working. Employees can often work offline and reconnect either when needed or when services are available.
Many endpoint security solutions – whether signature-based or cloud-based – rely on internet connectivity to provide protection. Signature-based solutions need to be constantly updated while some cloud-based solutions host detection technologies in the cloud. When endpoints are offline, detection may be limited or only as good as the last update.
With ever increasing attacks, endpoint security needs to consistently protect systems wherever they are and whatever their status – online or offline.
Solution
CrowdStrike’s next-gen antivirus is a cloud-native solution that protects against all types of attacks from commodity malware to sophisticated attacks with one solution — even when systems are offline. CrowdStrike’s detection capabilities reside both on the endpoint agent and in the CrowdStrike cloud with Threat Graph.The lightweight Falcon agent that runs on each endpoint includes all the prevention technologies required to protect the endpoint, whether it is online or offline. Those technologies include machine learning to protect against known and zero-day malware, exploit blocking, hash blocking and behavioral-based detection or Indicators of Attack (IOAs) to prevent sophisticated fileless and malware-free attacks.
If there is no internet connectivity at the time of the malicious event, the Falcon agent will protect the system and event details will be cached on the endpoint until connectivity is re-established.
Closing
Get immediate time-to-value, extend your visibility and protect your organization no matter where your employees are. Try the CrowdStrike Falcon® platform for free: https://go.crowdstrike.com/try-falcon-prevent.html
More resources
Content provided by Anne Aarmess
Leave a Reply