Speed Up Your Incident Response Time with the Malware Undo Button

BrandPost By IBM
Sep 30, 2014 · 3 mins
Endpoint Protection, IBM, Malware

You know that feeling, when you suddenly realize that you recently shopped at the store that was reported to have been the latest victim of a data breach, compromising millions of credit cards and customer records? As a customer, the lasting impression you have about the incident is not that something bad happened, but how quickly and effectively the retailer responded to identify and remediate the problem.

Once the retailer knew the exact thing that went wrong, don’t you wish they could just hit an undo button and limit the exposure? It would save their customers a lot of time, hassle, and worry about potential identity theft and fraudulent credit card purchases. But more importantly, an “undo” option would turn a potentially negative situation into a positive customer experience, because the retailer would be demonstrating they were able to quickly identify a breach that could harm their customers—and were able to mitigate it, fast. After all, every customer wants to feel like they (and the safety of their personal and financial data) come first.

Is that too much to ask for?

Unfortunately, recent events seem to indicate, “Yes, it is.” But when an organization leverages IBM Endpoint Manager, the answer can be, “We got you covered.”

IBM Endpoint Manager contains what is in effect a Malware Undo button.

Here’s how it works: From a single console and single management server (which is all Endpoint Manager needs to securely manage up to 250,000 different endpoints anywhere on the planet), you find out if there is a suspected IP security incident. For this example we’ll say it’s on a Windows device, but Endpoint Manager can manage devices with every iteration of every OS there is, all at the same time.

Say it finds a problematic registry key. You then ask it to see if that same registry key is on any other device on the network. It’s that simple: no coding, no building a software distribution package, no having to scan other endpoints to determine if they have it. Within minutes or hours you will get back a report telling you every device that’s infected.

Now you use the Malware Undo Button. It takes out that registry key and the system configuration carrying the malware. It removes the bad file with the malware payload and puts everything back to the way it was before the malware arrived.

That’s all there is to it. No muss, no fuss, no “If only I’d done X differently!”

Not only does IBM Endpoint Manager remove the malware, it also enforces continuous security configuration compliance for all endpoints regardless of OS or location. A non-compliant endpoint is automatically quarantined so as to safeguard other endpoints in the network until remediation is complete.

Want to leverage the Malware Undo Button in your own organization to keep more customers happy even when something bad happens? Retail is not the only sector targeted by sophisticated malware, but it has had arguably the most negative press lately.

If you have customers to impress with your organization’s responsiveness to the inevitable, then click here for more information. That’s all there is to that, too.