Discuss

last person joined: one year ago 

Ask a question. Give advice. Share resources. Looking for software or hardware recommendations? Want to know how others are using text messaging in their work? Trying to find examples of IT policies? The NTEN Discuss forum is a great resource for all of the above and more! It's the general discussion list for the NTEN community, and folks all over the US (and the world) are sharing their questions, answers, and news about nonprofit technology.

Antivirus Protection to Protect Against Footholds

  • 1.  Antivirus Protection to Protect Against Footholds

    Posted 12 days ago
    Hello all,

    Our IT firm is suggesting we purchase  Huntress as an add on to our current AppRiver virus protection to add a layer of projection against footholds. I tried to search footholds to see what they are, and to determine if we need another layer of protection. However, I  was unable to locate any information on footholds. Therefore I'm wondering if anyone would be willing to share their thoughts or experience with footholds and additional virus protection.

    With appreciation,

    ------------------------------
    Sandy Harvey
    Office Administrator
    Benedum Foundation
    tech1944@benedum.org
    ------------------------------
    picture of work desk from home with notebook, glasses, coffee, keyboard


  • 2.  RE: Antivirus Protection to Protect Against Footholds

    Posted 12 days ago
    Hi Sandy,

    I asked my partner Klik.Solutions and they gave a pretty good response with additional recommendation. Sounds like your IT firm is recommending a good solution.
    See below...

    Huntress is a great product.  Basically searches and Identifies vulnerabilities within the network.  This is in addition to AV services especially gateway based products like appriver. Think of appriver as an advanced email filter. I do hope they are using some sort of end point security product. But Huntress is legit. I know the main investor into this company and he's super smart.  


    ------------------------------
    K. Howard Enterprise Solutions LLC
    Kyle O'Donnell
    President
    973-866-7366
    kyle@khesolutions.com
    www.ademero.com

    2019 NTENny Awardee
    ------------------------------

    picture of work desk from home with notebook, glasses, coffee, keyboard


  • 3.  RE: Antivirus Protection to Protect Against Footholds

    Posted 11 days ago
    Edited by Johan Hammerstrom 11 days ago
    Sandy,

    I'll humbly offer my own opinion.  IT providers often have differing opinions on IT solutions and, in general, I would defer to the opinion of the IT provider you rely on for your support who knows you best as an organization.

    What Huntress Labs calls "footholds" are also referred to more generally as Advanced Persistent Threat (APT) attacks, "living on the land", etc.  It means that a threat actor has gained access to a computer on your network through means that go undetected by traditional anti-virus or anti-malware software.  Once the threat actor has gained access, they are able to steal information, commandeer your systems, and launch other attacks.  Solutions such as Huntress Labs, CrowdStrike, and Cylance are able to detect suspicious behavior that indicates a compromised machine.

    We do not typically recommend APT solutions to our clients because they can be expensive.  We are about to release our 2019 Nonprofit Cybersecurity Incident Report.  In our research, APT attacks are the least common of all cybersecurity threats.  This is because they generally require the most effort by a threat actor.  Common cybercriminals typically employ less expensive means of attack, such as phishing and spam.

    We do recommend APT solutions to organizations that might be targeted by known adversaries, such as policy and advocacy organizations.  Especially those who have known nation state adversaries, with the wherewithal to launch extensive targeted attacks.  And there are other exceptions, particularly for sensitive systems (we will install APT solutions on remote desktop servers, or on machines containing highly sensitive information).

    We have more cybersecurity resources freely available on our website (www.communityit.com) and I would be happy to provide more information directly if it would be useful to you.

    ------------------------------
    Johan Hammerstrom
    CEO
    Community IT
    Washington, DC
    ------------------------------

    picture of work desk from home with notebook, glasses, coffee, keyboard