Advanced Antivirus/Malware Protection for Servers

Dave Hodgdon and Steve Ripper talk about Server 2008 end-of-life, as well as the different levels of antivirus and malware protection available for servers.

Mike: Okay. 98.1 WTSM, but first we need to stop the machines. Stop the clocks. Welcome into the new year. It’s our Tech Tuesday. Everybody. A nice round of applause. All right, Tech Tuesday! Steve Ripper and Dave Hodgdon, they join us from Portsmouth Computer Group and we’re powered today by Portsmouth Computer Group, all the time, PCG IT for world class IT servicing. For customer support, go to PCGIT.com and convenient locations in Portsmouth and Dover here on the seacoast, and open in Manchester and Portland, Maine!

All right, so advanced antivirus, malware protection for your servers. What you need to know, what is that all about Steve?

Steve Ripper: So we’re worried about how we’re protecting the servers themselves. We’ve been talking about the desktops, we’ve been talking about your devices, we’ve been talking about the cloud in the web. Today we want to talk specifically about, because so many companies out there still have servers in the room. They’ve got servers everywhere and how are we protecting them? What are we putting on there? Specifically we’re worried about the 2008. Just as much as we’ve been talking about moving to Windows 10 right?

Mike: Mm-hmm.

Steve: For the Windows 7 that same thing is going on with your servers. So if you’re out there, you’re listening and you’re managing your company, right? You’re an office manager, you’re the owner, right? You’ve got Server 2008 servers and those are being retired too. Those need to be dealt with.

Mike: Big risk.

Enterprise Grade Antivirus for Servers

Steve: So yeah, so we’re worried about what’s going on on the servers. Are we, are we putting antivirus on there? Do we have an enterprise grade level of antivirus on there? A lot of people don’t know that there’s different types of antivirus. Just like you have different flavors of ice cream, you have antivirus that’s not very good, and you have antivirus that’s very, very good. Right? So that’s what we’re talking about today.

Dave Hodgdon: I call it antivirus on steroids. It’s just a whole new ball game of what it can do.

Mike: But the other thing too is with that people have to be aware of as we move into the new year and the new decade, the new technology is making it easier and more convenient for hackers to get into your systems. There’s more hacking, there’s more malware, there’s more junk out there than ever before.

And that’s, that’s part of the problem. That’s what I’ve always called the downside of technology. I mean, you got people like that who want to just destroy your information and destroy your company, destroy your servers and get your information. We’ve talked about ransomware now going onto your phones. This is serious stuff.

Dave: It’s just like crime. It’s just like drive rounds or reckless drivers. I mean, people drive drunk, committed. It is what it is. It’s life. So we just need to get used to it and get over that. Cause you know, without this now your business can’t operate without IT.

Steve: Yeah. And so the security products that we’re talking about, that’s our tools. When a company looks at us and says, okay, so there’s all these, just like you said Mike, there’s all these threats out there.

There’s either people trying to hack in or viruses or bots. They’re not even people there. They’re computer driven programs. So what does PCG do or any one of these types of our companies? What do we do to try and do something about this? So these security products are what we do. We’re putting software on the firewall that manages the traffic and looks at the traffic coming through the firewall and usually has a service that is watching that and monitoring it 24/7.

Traffic Monitoring

Mike: What can you see through that? What information comes out of that?

Dave: From my standpoint, from a business standpoint, you’re looking for unusual activity or an IP or a different location that’s trying to access your system that is not of the norm. So you might be an employee at that work and you’re going to work from home.

We know that IP’s coming in, that’s a good one. If you go on a vacation we know where we’re coming in. If all of a sudden there’s some unusual activity from North Dakota from overseas, and there’s some oddity I call traffic patterns. Something is just not right and is looking for someone may be changing the admin password, someone moving your data off your backup. And that’s what we’re trying to emphasize to our audience today.

Steve: And as far as files are concerned, the word we use is signatures so the security industry is coming up with, they’re looking at all the software, all of the hacks, all of the malware, all of the viruses. They’re looking at those and saying these are the characteristics that these files have. And they write what are called signatures so that your firewall or the anti-virus that is on your machine knows what to look for.

It sees this file coming in. So if you’re remoting in or you’re getting your Excel spreadsheet, that looks correct, but a malware piece might match the signature or the definition and then it flags it. It says, okay, that is not a good thing. So having the up to date signatures, having the monitoring of it is all important. And then so when we’re talking about signatures and we’re talking about antivirus, we’re talking about different grades of it, is it a good antivirus? Is this company in the company that supports it? Are they doing new signatures? Are they staying on top of it? Because everything we keep talking about the security world is who’s staying on top of things. The hackers are always coming out with something new. There’s always a new malware. There’s always a new virus. There’s always a new attempt. There’s always a new way to get in. Right?

So is the antivirus company, is the security product, is Microsoft, are they coming up with new ways to defend against that? So that’s why we’re always talking about updating to Windows 10 we’re talking about putting your security software, whether it’s antivirus, whether it’s malware, and we’re doing about your firewall because we have to stay up to speed and in front of all of the hackers that are out there.

The Difference Between a Virus and Malware

Mike: Now just explain to our listeners, I know we’ve heard the term, what’s the difference between getting a virus and getting malware? What’s the real difference? Are they both the same?

Steve: They’re not really the same. We don’t see viruses that much anymore. So virus activity was really more the 90’s and the early 2000s. Virus activity would just kind of wreck your machine.

It would take your machine out of commission, right? Really malware kind of came into the middle 2000’s because it makes money, right? Malware we really define malware as something that’s going to try to either extort you, get information from you that they could then use. Because really the industry switched to, especially for smaller and smaller companies. How do we make money? Right? They want to make money. The whole world wants to make money, right? So malware, CryptoLockers, ransomwares, things like that are all aimed at extortion of some kind, right?

Mike: So what do you see on your computer if you turn your computer on, you go to a particular site. How do you know it’s malware? Is there a pattern of what malware looks like?

Steve: Well, again, that’s what we’re talking about to security software. You wouldn’t really know. You wouldn’t know. It’s the security software, right, that sees it and flags it and says, okay, this is…so most people, if we have good software installed that works well, the customer will call us and say, I got an alert or we get the alert before they do that, that something infected their machine. But if you have no antivirus, you have no security software on your, there’s a very good chance that you’ve been infected. Or there’s a bot running on your machine and you have no idea that it’s happening.

Dave: Think of it, Mike, as a lot of us have alarm systems, security systems, somethings activity in your office. It calls the police. Regular antivirus doesn’t have that. But the antivirus on steroids actually has a true security operation center looking at this 24/7.

It’s looking for oddities. Weird traffic patterns. Something that’s not right and they have the ability to shut it down immediately. They have the ability to contact us or the customer. So this is critical right now, especially on your servers.

Mike: All right, so moral of the story today, got to stay up ahead of this obviously.

Steve: Yeah. You have to, you have to discuss internally, you have to discuss with your IT department what are your security arrangements? Do we have our software on every machine? Do we have it on the servers? Are we migrating all of our older stuff to the newer stuff, right. Because the older stuff becomes vulnerable. Do we have a comprehensive policy to handle all of these things? And we talking about it.

Dave: Yeah, so, my tip of the week, I can’t emphasize enough with the end of life of Server 2008 the companies out there, they need a wake-up call.

They don’t understand the risk they’re potentially putting their business or their data at and we’re a week away on this and I feel it’s imperative with Microsoft, no longer supporting that with patching and security that your business has to be proactive. If the goal is to change that server out but we know from a budget wise, we’re in business you can’t do it all but help do something to minimize that risk. But if you just leave it alone, you’re in jeopardy. So we can’t emphasize enough, be proactive, contact PCG. If you need some assistance on this…

Steve Ripper: We’ll do an audit, we’ll see what you have in your network for Windows 7 server 2008, what your security software looks like, what are you running on your firewall? We’ll do that full audit and tell you what everything’s going on in your network.

Mike: You want to make sure you don’t get attacked. You want to make sure you’re not vulnerable.

Dave Hodgdon: I would say even in our customer portfolio, we keep on emphasizing and talking to them. Probably about 10% of our clients still have server 2008 and we’re just calling them where we’re worried about it because ultimately if something goes wrong, they’re going to contact us.

Mike: And next week is the deadline already, right?

Dave Hodgdon: Is the deadline. And again, just get a wake-up call and get proactive.

Mike: All right, sounds good. Thank you guys. Dave Hodgdon and Steve Ripper from Portsmouth Computer Group with convenient locations in Portsmouth and Dover and now in Manchester and Portland, Maine. PCG IT for world-class IT service and customer support. Check them out. PCGIT.com. Thank you guys.