Best Practices for Ransomware Prevention
—01 The Best Backup
Not all backups are alike, and you must choose wisely when finding the right backup for your business. For the highest level of security, you want not just your servers and applications backed up, but also your endpoints and devices. There is also the chance that a back up could be compromized as well, so you want to know where your backups live, and make sure they are follwing the best practices to be protected from ransomware. Sometimes it is best to entrust your backup to a well known provider who is experianced and equpiped with dealing with ransomware, therefore will act as an added layer of security incase you are infected, or even alerting you to the infection before you know it. Diciding between the best backup is not an easy task, there are dozens of companies to choose from. Speak to one of our security experts to learn about and discover which backup solutions is the best fit for your business.
Discover the best back up solution for you.
—02 Early Detection
Ransomware has evolved in a way that it not only will jump from one device to another, but new variants are now crossing systems and platforms including popular SaaS applications such as Dropbox, Office365, and Google Apps. How could ransomware spread to the cloud? When you use these devices you are syncing your files, if one of your infected files sync, congratulations that infection has now spread to your online environment. If these files are being used to collaborate with employees at different locations, an isolated incident can quickly become a malware epidemic for your organization. You want 24/7 monitoring, a live client actively running, updating in real time and ready to alert you as soon as suspicious or malicious activity is detected. Some even recommend a kill switch… for you to pull the plug and disconnect everything from the network and internet so there could be no further spread. There are dozens of endpoint securities that promise to “stop ransomware” but choosing the best one depends on your business practices. Sometimes speaking to a vendor-agnostic partner such as MDS can help you detuct the pros and cons of each one, and guide you in making the most effective decision for your organization.
Choosing The Right End-Point Security
—03 Pattern Analytics
New ransomware variants emerging every day. Often they often go undetected by even the most up-to-date libraries of known attacks. Enter behavioral and machine learning monitoring. Instead of looking for a specific ID or extension (like picking out the bad guys out of the lineup) new technology is emerging that detects the behavior and patterns of an attack. Say for example all of a sudden Susan from Accounting is communicating from someone at a location she has never communicated with, and in addition, there is a data transfer a little larger than typical for Susan underway. Automatically a flag rises up, and the abnormal behavior shows as a red flag and is put to a holt if necessary, until it can be analyzed and evaluated by a team of security experts. These are the behaviors proactive monitoring, pattern analytics, behavior analysis, and machine learning technology pick up on.
By monitoring and learning all of the typical behavior of your business, from large data transfers to subtle specks of activity, pattern analytics cant stop abnormal behavior as it takes place in real time while alerting the network administrator. The more data it accumulates the more effective it becomes. Keeping track of known hotspots for malicious activity, in combination with typical data patterns of an attack, enables a defense that can essentially uncover malware that might be brand new to the market, giving you an added layer of security on top of your traditional practices. MDS works with multiple partners that offer the latest innovations in behavior and pattern analytics and is here to help you decide on which fits best for your business.
Try DarkTrace Risk Free for 30 Days
—04 Prevention Tactics
Email spammers, we all have seen it before. Someone claims you have won the lottery and you must send a money order to Nigeria to claim your prize. Well, the email scammers have evolved. Take a look at that button in the photo… Would you click it if you were expecting a package?
Locking your front door, back door, and garage won’t protect an intruder from breaking in through your window. Just like endpoint security, backups, and analytics do not protect against email attacks. For this we recommend you look into Email Filtering and Spam Filtering. Instead of having to play detective with every email you receive, it helps to work with an experienced email filtering security platform that can block emails before they appear in front of view of Joe in the shipping department, who unknowing clicks on a link, and takes down a business that took years to build in the blink of an eye.
Avoid the cost of recovering from an attack with a simple solution from our team of qualified security experts. Implementing an email filtering system might be as simple as an enabling an additional add-on from your current email provider. Speak to one of our experts to see if this may be an option for you.
Don't Let The Criminals Phish in Your Network
—05 Employee Training
Would you let one of your employees drive you around if they didn’t have there license? Then why would you let them surf in your network without any training? Chances are you didn’t have any onboarding Cyber Security best practices for browsing the web, and even if you did, the tactics are always evolving and changing. Train staff on cyber-security practices, emphasizing not opening attachments or links from unknown sources.
Explore the latest in Employee Training
Updating your IT Infrastructure doesn't have to be a do-it-yourself project.
With MDS, you can focus on growing your business while we take care of the technology. Our engineers go beyond standard canned offerings by creating end-to-end project solutions tailored to fit your organization's specific needs.
MDS experts are available 24/7 and have a wide range of skills that allow you to harness the power of a large IT team, without the overhead.