Are Employees Disabling Defender?

Syxsense Realtime Use Case: Fortnite

While bored at work, an employee manages to install Fornite on their device. However, they notice lags and the game running slow. Defender is causing issues and interrupting their gaming. What do they do? Disable Defender.

While might seem like an extreme or specific case, there are many documented instances of similar things happening. Employees may unwittingly open a network to vulnerability due to device performance issues.

Traditionally, when something like this happens, it is incredibly hard to detect. A manager might get lucky and catch an employee playing their game.But more likely than not, an employee will be quick enough to minimize any windows they shouldn’t have open. There won’t be any obvious clues to the fact Defender has been disabled.

How does Syxsense Realtime Security make this easier?

Live data means being able to see processes and status in real time.

If you suspected something like Defender had been disabled, you would ask the AI-powered personal assistant. Type or speak “is Defender disabled on my devices?” The console would then show where any such process wasn’t running.Let’s also assume you suspect Defender is being disabled for a game like Fortnite. Search for all machines running Fortnite or software by Epic Games. Then target those devices with a software uninstall task to delete the non-corporate approved software. An alert can also be set up so that if Defender is disabled or Fortnite is running, you will be notified immediately.

Realtime Security means having live data that is secure, accurate, and actionable.