What is managed antivirus?
Managed antivirus is a service where one company manages all the antivirus installations or processes of another company on an ongoing basis for a monthly fee.
(Note: We’ve also seen this term used to mean a centrally-managed antivirus system in general, though these days this type of software is usually called an endpoint protection solution or something similar. If you’re looking for a rundown of this kind of software, you might want to check out this fairly comprehensive article by PCMag.)
The managing company is usually a managed services provider (MSP) or IT services provider that has the tools, knowledge, and experience to remotely manage antivirus installations on anywhere from a couple to thousands or tens of thousands of devices.
To install, monitor, and manage its clients’ antivirus processes remotely, MSPs typically use either remote monitoring and management (RMM) tools or cloud-based endpoint protection.
Managed Antivirus Key Components
Installation and configuration
This includes installing the local client or an agent on all of a company’s PCs and servers. It may include further customizations such as preventing users from being able to pause scans or disable or uninstall the local antivirus software.
The MSP’s staff will keep an eye out for alerts including ones about possible infections, failed scans, or attempts to disable or bypass the software, and will check the alerts to verify the issue if the issue is legitimate or a “false positive”. (As an employee of an MSP, I often see these alerts pop up in our Slack, followed usually less than 30 seconds later by one of our engineers confirming that they’re checking out the issue.)
In addition to responding to alerts, a good MSP will review antivirus logs periodically to ensure nothing important was missed by the alerting system/algorithm – looking for anomalies, unexpected changes, unusual patterns of activity, etc.
The MSP makes sure the antivirus software is always up-to-date and ready to protect you from all the latest threats. Depending on the software, this may involve pushing out the updates to all the local clients or simply download the updates to a centralized repository on a server. (Or if the MSP is using a cloud-based antivirus software, the software is always up-to-date anyway.)
License and user management
You can let your MSP handle the process of buying and/or re-using licenses and installing new instances as your workforce grows. It’s easier and quicker that way, and MSPs tend to get licenses at discount rates from their security software partners.
Managed Antivirus Benefits
With managed antivirus, you get an entire team of experts monitoring and managing your company’s antivirus around-the-clock.
- For peace of mind
- To do your due diligence in terms of protecting your data
- To get a holistic, organization-wide view of the security of your endpoints
Antivirus helps to protect you from the 1.1 billion forms of malware out there in the world. It detects, neutralizes, and removes the malware that gets past your other defenses (such as firewalls, IDS/IPS, and spam filters) and into your systems. On average, antivirus software detects 100% of known threats and nearly 99% of unknown/zero-day threats. Its a critical part of any business’s defenses against cyber attacks. And it’s relatively inexpensive for the kind of protection it provides.
You might think of antivirus software as a kind of “set-it-and-forget-it” tool based on your experience with consumer antivirus software.
Well, for one thing, by not reviewing your low-level alerts and logs and because of the way you configure your antivirus, you might be missing some threats.
Plus, it’s different with businesses. The data is more important. And there’s more of it. And hackers know it, and know you’ll pay more for it if they get you with ransomware, which is why you’re their #1 target.
Also, you might be subject to data security and control regulations. You have to account for users doing things like disabling antivirus software or stopping scans because it’s interfering with their work, or ignoring prompts for them to download new virus definitions. And you want the holistic view that a centralized antivirus solution provides, allowing you to do things like identify organization-wide patterns in cyber attacks and keep track of all your licenses.
The Payment Card Industry Security Standards Council, for one, advises, “Even the best anti-virus solutions are limited in effectiveness if they are not maintained and kept current with the latest security updates, signature files, or malware protections.”
Why Hire Another Company to Manage Your Antivirus Software?
Tools like Sophos Central give you extensive, real-time antivirus data – but do you really have the time to review and respond to all these alerts?
A couple reasons:
- MSPs have people experienced at remotely implementing and managing antivirus software. They know how to interpret and/or resolve all the different alerts and log entries. They’ll maximize the effectiveness of your antivirus processes, much more efficiently and thoroughly than any amateur.
- Even if you have in-house IT staff, you may want them to be doing more important things that responding to and analyzing security alerts and logs. Plus, the typical MSP is larger than the typical IT department, so you have more people to respond more quickly, with more collective experience, brainpower, and resources, to alerts and other issues.
For Managed Antivirus, Rely on XOverture
Antivirus is just one component of an ideal cyber attack prevention system, as we mentioned in our recent, comprehensive guide to protecting your business. XOverture is a full-service MSSP that can help you plan, implement, and manage any individual aspect of your business’s security, including antivirus, firewalls, spam filtering, and content filtering – or we can just take care of the whole darn thing and give you complete, organization-wide protection and oversight as your managed security provider.
Contact us when you’re ready to take the next step in securing your clients’ data.