Skip to content
blackhawk logo

BlackHawk Data Engineer Q&A: Stopping Breaches Before They Happen

Our customers have come to us with a lot of questions, regarding cybersecurity and their remote workforce. In this 4-part series, Jason Caparoso, BlackHawk Data’s President and Chief Technology Officer, shares his insights and knowledge to help you safeguard your business, no matter where you are.

 

Pandemic crisis or not, hackers just love to turn a bad situation into a worse one by taking advantage of your vulnerabilities. Whether its upping the number of phishing lures propagated to unsuspecting employees or looking for unsecured back doors into your network, these guys just won’t let up until they have you on your knees. That’s where endpoint protection comes into play.

 

Question: How can I protect my business from a breach when everyone is working remotely?

Answer: Going at your protection blindly is no way to secure your network, your data, or your customers’ data. If you’re looking to increase protection for your remote employees so they can work from any device, at any time, from any location, you’ve got to cover your endpoints.

Cisco Advanced Malware Protection (AMP) for Endpoints has the most integrated detection techniques when it comes to endpoint protection, and has direct integration with both Cisco Umbrella and Cisco DUO.

Cisco AMP takes Cisco Umbrella to the next level, so if an attack does get through, you have the ability to inspect files, sandbox, and block malicious threats at the endpoint with a single click. Cisco AMP is also not a signature-based endpoint protection, but uses a dynamic feed from the Cisco Talos which allows new and emerging threats to be blocked quickly, with decisions based on actual expert research teams. It’s like having a SOC full of hundreds of top security analysts without the millions of dollars in cost.

Another unique feature that makes it very useful to security teams is the retrospective view which will show when a threat entered the network, where it came from, and where it has been before it was stopped allowing all impacted devices to be scrubbed. The addition of a threat grid provides you with a threat intelligence view for the entire organization enabling your security teams to see if an attack or malicious file has spread to multiple hosts so they can stop it quickly.

Cisco has extended their free security offers to include Cisco AMP. With this new addition, existing customers can exceed their device limit by two times to support an increase in remote workers. To take advantage of this offer, simply install AMP for Endpoints Connectors on extra devices, and no other action is required. BlackHawk Data is here to help with your set up and provide complimentary engineering assistance.

About Jason

An industry veteran with more than 20 years of experience in both network design and delivering expert-level solutions to clients, Jason supports a variety of industry-leading vendors, including Cisco, Palo Alto Networks, F5 and Microsoft, enabling him to effectively lead BlackHawk Data’s Solutions Architects, Service Delivery, and Managed Services teams.