Interview: How Endpoint Detection and Response (EDR) is changing the cybersecurity game for small businesses

We sit down with Mark Williams, Senior Client Relations Manager, to dive deeper into EDR, explore what it is and learn how small businesses are embracing the technology to keep their data, team and customers secure.

Hi Mark, thanks for joining us today. Let’s start with the basics—what exactly is Endpoint Detection and Response (EDR), and why is it becoming so critical for small businesses?

Mark: Thanks for having me! EDR stands for Endpoint Detection and Response. It’s an advanced cybersecurity solution that monitors, detects, and responds to threats on endpoint devices like computers, laptops, and servers. Unlike traditional antivirus, which looks for known malware signatures, EDR focuses on unusual behaviour patterns, which means it can identify threats that might otherwise slip under the radar. This is crucial for small businesses, as they often don’t have dedicated, round-the-clock IT teams to manage these threats.

Think of EDR as having a security guard watching your business 24/7.

That’s interesting. How does EDR help the average user or business owner manage threats without disrupting their daily operations?

Mark: EDR solutions are designed to work in the background, so for the average user, it’s practically invisible. They monitor systems continuously, and if they detect something suspicious—like unusual file access or unexpected software behaviour—they can isolate the threat and notify the business. This proactive approach means that business owners can focus on their work without worrying about disruptions.

You mentioned behaviour spotting earlier. How does that work in practice?

Mark: Behaviour spotting is key to EDR’s effectiveness. These solutions look for patterns that don’t fit the normal activity on a device or within a network. For example, if a user suddenly starts accessing files they normally wouldn’t, or if there’s an unexpected login from a different location, the system flags it. It’s all about identifying anomalies that traditional antivirus might miss because it’s not tied to known malware signatures.

I understand B2B IT Services uses Huntress as part of its EDR stack. What led you to choose this solution, and how does it fit into your overall strategy?

Mark: Huntress is one of the solutions we use because it aligns well with our approach of continuous monitoring and proactive threat detection. We chose Huntress because it offers a 24/7 Security Operations Centre (SOC) that tracks these behaviour patterns and alerts us if action needs to be taken. This is especially valuable for small businesses that might not have the resources to manage this level of monitoring in-house.

That makes sense. Speaking of Microsoft 365, which many of your clients use, how does EDR integrate with it?

Mark: EDR fits seamlessly with Microsoft 365 environments. For instance, it monitors for unusual login activity, suspicious permission changes, and other behaviours that could signal a compromise. This is particularly important as many small businesses rely heavily on cloud services like Microsoft 365 for their daily operations. Integrating EDR in these environments ensures that even if attackers attempt to bypass defences, any anomalies are quickly detected.

That’s great to hear. Let’s shift gears a bit. How does implementing EDR affect cybersecurity insurance for small businesses?

Mark: That’s an important point. More insurers are now requiring EDR solutions as part of their criteria for cybersecurity insurance coverage. The reason is simple: EDR helps reduce the overall risk of a breach by catching threats before they can cause major damage. We’ve seen cases where businesses that implement EDR not only qualify for insurance but also benefit from lower premiums. It shows insurers that these businesses are proactive and serious about their security posture.

On that note, the Microsoft Security Score is something many of your clients look at. How does EDR influence that score?

Mark: The Microsoft Security Score is a great tool for assessing your overall security posture. Implementing EDR can significantly boost this score because it adds another layer of protection, particularly for endpoint security and behaviour monitoring. For example, by using EDR to monitor and manage devices within a Microsoft 365 environment, businesses can achieve higher compliance and security standards, which translates to a better score.

Finally, for small business owners who are still on the fence about investing in EDR, what advice would you give?

Mark: I’d say it’s essential to be proactive rather than reactive. Cyber threats are becoming more sophisticated every day, and small businesses are often seen as easier targets. EDR isn’t just about catching threats; it’s about protecting your reputation and the trust you’ve built with your clients. In today’s world, having a strong cybersecurity posture isn’t just a good idea—it’s a necessity.

Thanks for the insightful discussion, Mark!

… EDR can be a game-changer for small businesses looking to secure their digital environments.