Create a Multilayered Security Approach
For best results, your security must be managed from more than one “perspective” of security tools. Unified Threat Management (UTM) are a nice way to start to safeguard your network from multiple angles, protecting it from both present and future cyber threats. If you do not have a UTM handling all of your protections, make sure that you a minimum of the following within your security arsenal.
- Next-Generation Firewall
- Protection starts at the edge of your network. Make sure that you have security that is checking your traffic as it comes in, ensuring the viability of all the data streams within your network.
- Intrusion Detection and Prevention
- Ransomware sneaks up on your system and doesn’t make itself obvious until the problem is quite serious. If you can identify a problem quickly, you may be able to stop it all together or at least minimize the reach of the virus in your business.
- Antivirus and Anti-malware
- Yes, you need both. Antivirus programs are much more effective on traditional online threats—key loggers, worms, Trojans, viruses—while anti-malware can detect and remove newer and more sophisticated types of hybrid strains.
Train Your End Users
One of the most significant threats to your internal digital security is actually your user base. These are not necessarily malicious users (although they can be). More often, they are simply unaware of how a careless or overlooked action can open up a network to malicious usership (i.e. an employee opening a phishing email).
Not sure you want to spend the time to train your users? Think of it this way, each employee record costs a company an average of $182 per lost or hijacked record. Costs can rise above this amount, depending on the vitality of the records and the industry of the business. Companies need to rethink their strategy based on the cost to the business alone, training your end users is well worth this price.
What steps should you take to train your end users?
- First, build a knowledge base to ensure that basic safety measures are followed (do not open emails from unknown sources, do not connect to unknown wireless, etc.).
- Second, create tiered access lanes and inform all end users of the chain of command should a higher level of access be required for a particular process. Just as your IT team shouldn’t have full access to admin credentials, your users should have siloed access, limiting data access can limit damage.
- Third, where applicable, try to limit the devices authorized to use your company network. If you are not using guest access or are using one username and password for all network access, you should think twice about this.
Strategic Backup Decisions
The 3-2-1 backup strategy is a well vetted standard that ensures data protection. This strategy involves creating at least three data copies, with two local copies on various devices and one copy offsite.
Having one offsite copy is essential, particularly in the case of ransomware. This is the only way to ensure that you have access to your full data should you experience a catastrophic loss in your primary data stream. There is generally an air gap between your corporate data and offsite data that protects this data from getting infected by the same virus.
Backup as a Service (BaaS) adds another layer of defense against ransomware.
Moving your backup into the cloud ensures that your company receives automatic updates at every critical update point. How many times have you seen an update that you didn’t install right away because you didn’t have time? Additionally, Backup as a Service providers have access to the latest and greatest technology to protect data including tier 5 data centers and 7 layers of security. Finally BaaS can also protect your data against local physical damage that can affect your onsite servers.
Updates and Patching
In the absence of a BaaS solution, you MUST keep up with updates and patching. Failing to make updates to commonly exploited programs is the easiest way to get in serious trouble. If you do not have the manpower or the expertise to handle this in house, hire a managed IT services company to help you fill the gaps here.
Administrative Restrictions and Passwords
Administrators know the rules and often ignore them. What are the rules?
- Don’t give your whole team the keys to the kingdom. Create levels of tiered access.
- Don’t use easy passwords that don’t change. If the password is on a sticky note tacked to a whiteboard for everyone to see, change this immediately.
- Watch out for unhappy team members or those that leave. Ensure they have given up all access. Change passwords for their access tier levels after they are gone.
- Restrict what end users can download. Impose penalties for anyone found breaking these rules.
Don’t ignore these general rules of thumb and ensure that even the members with the lower tiers of access follow these rules.
Never Pay the Ransom
ComportSecure’s advice – do not pay the ransom under any circumstances! If you do, you will encourage ransomware hackers to continue their malicious work (and you will finance it as well!), plus, there is no guarantee that your files will come back to you in one piece.
Ransomware is here to stay, as are cybercriminals. You will not get anywhere trying to duck or ignore the problem. It is time to face it head on, with the appropriate security and strategies in place for all contingencies. The dedicated experts at ComportSecure are ready to help protect your data today. Give us a call or an email for your initial consultation.