Security Incident Management Services FAQ
Q1: Will the use of SIMS eliminate the need to use Anti-Virus software ?
Anti-Virus software scans data for known malware ( virus, worms, Trojans) while SIMS scans for both known and unknown suspicious behavior using Artificial Intelligence engines that are continuously updated. With basic Anti-Virus software being available free-of-charge these days, SMS leaves the decision to use Anti-Virus software in addition to SIMS to the discretion of the client handled by SMS.
Q2: Will SIMS be able to read the content of my data files?
SIMS makes use of Metadata only and is unable to read, change or delete the content of any user application file or data; the Metadata is generated by the system or application software ( Operating System, system files, user applications etc) and is the only source available to SIMS; to detect suspicious behavior it is not necessary to analyze the content of a client’s data
Q3: Can SIMS detect malware in Operating Systems (OS) and associated system files?
SIMS is independent of the OS that is being monitored, having its own proprietary OS and is therefore capable of detecting malware inside the OS and other system files
Q4: Is there a difference between Network and Endpoint Security?
Yes, network security monitors the connections between endpoints and can detect any breach of network security or attempts to break into networks and divert data communications; Endpoint security monitors only the endpoints, not the network, because the endpoints are considered the weakest and most vulnerable links in the security chain and is the common entry-point for malware into a client IT infrastructure; encryption of sensitive data that is transmitted over networks is strongly recommended to minimize any threats to the network security
Q5: How quickly can a threat be detected and handle by SIMS ?
Identifying and classifying a threat, known in the industry as “Triaging”, can be done in seconds or minutes; if known, the offending software can be blocked immediately and any unknown malware can also be blocked immediately while a longer investigation and analysis ( usually lasting several minutes) can be performed and the user contacted for verification.
Q6: Does an endpoint need to be connected to a network to be monitored by SIMS ?
An endpoint with the SIMS agent installed does not need to be connected to any network or the internet, to detect suspicious behavior as it functions independently of any connections.
Q7: Behavior based products generally produce a number of false positives, how do you handle that?
We will work with customers to do an initial baselining period of up to 3 weeks to let our backend engine understand their environment which reduces false positives. Our solution helps to autonomously reduce false positives and alert fatigue for users managing the platform. For more details, please send your enquiry to sales@smssb.com.
Q8: Can your service apply in an environment without internet connection?
Yes, our solution is able to work in an air-gapped, isolated environment with no internet connectivity. As the solution does not rely on any rules and signatures, and runs entirely on AI and machine learning, there is no need for internet connectivity to be effective.
Q9: Does your service stop the threat or just notifying that there is a threat?
We will perform both actions. We will stop the threat and notify the user.
Q10: If my GPO facility is not available and our endpoints are outside Klang valley, can you provide manual installations?
Yes, we are able to perform manual installation on endpoints outside of Klang valley.
Q11: With the current Covid-19 situation in Malaysia, does your solution support users working from home?
Yes. More than likely, users working from home are utilizing laptops which are endpoints supported by our Security Incident Management Services (SIMS).
Q12: Do you provide 24/7 monitoring?
Yes, 24/7 monitoring is provided under Security Incident Management Services (SIMS) depending on the package you select. For more details, please send your enquiry to sales@smssb.com.
Q13: Do provide Service Level Agreement (SLA)?
There are SLAs attached to our 24×7 monitoring. Please reach out to sales@smssb.com and we can send you the SLA for our monitoring services.
Q14: Does your solution support the upcoming Windows 11?
Yes, our solution supports the upcoming Windows 11.
