After fighting a losing battle against malware that culminated in a ransomware attack, New Zealand real estate organisation Property Brokers deployed Cylance's antivirus software and says it has successfully blocked all attacks.
Property Brokers has more than 600 endpoints spread across 42 branches throughout New Zealand from which it manages over 5000 rental properties, and offers thousands more for sale.
Property Brokers' IT manager Jeremy McClure told Computerworld that the company had implemented a number of measures to protect its IT systems against malware, most of which found its way in through phishing emails, but none had been successful.
"We found that our existing antivirus was letting more and more things through. We upgraded our firewall with a next generation Meraki firewall, and that improved things. We tried to educate users, added an anti-spam filter to our email, but things just kept getting through."
He added: "We were hearing the same story everywhere: 'That's just the way it is'."
McClure said a Cyberlocker attack — which the company was able to mitigate from backup files — had been the last straw. "We decided we needed another solution. That was when we found Cylance," he said.
“I was intrigued by Cylance’s innovative use of artificial intelligence and machine learning technologies and its prevention-first approach to endpoint protection. But when we first looked at it you needed to have 1000 seats plus."
Today the Cylance platform is available for customers with 100 endpoints and above. Advantage is also able to support customers with less than 100 endpoints.
Unlike traditional antivirus tools that rely on a constantly updated database of signatures to identify malware, Cylance uses artificial intelligence to analyse the behaviour of software to detect malware. It claims to operate with a very small device footprint and to be effective without needing frequent updates.
In a test of Cylance carried out by SE Labs, SE Labs reported that a version of Cylance using an outdated AI model was able to detect and block 43 of 45 threats discovered in the wild at dates ranging from 11 to 33 months after the model's creation date.
Subsequently, McClure said Property Brokers IT supplier Advantage purchased a 1000 seat licence so as to offer Cylance as a managed service provider, enabling Property Brokers to deploy Cylance on its 600 plus endpoints.
He said the software, CylancePROTECT had been running for more than a year and had successfully detected and blocked all attacks, and had reduced the workload involved in responding to penetration attempts.
He explained that, with the company's previous antivirus, every alert had required significant investigation. "We could not just leave it. We knew there would be something else and we would have to use a number of other tools to weed out that other thing. A lot of the time we just rebuilt systems from scratch.
"Cylance has reduced the number of false alarms. Our level of confidence is right up there."
A lot of Property Brokers staff access the company's systems from home and McClure said he was encouraging them to install the consumer version of Cylance, Cylance Smart Antivirus.