Best Practices for Ransomware Prevention

—Not Just Any Backup

The General Data Protection Regulation, or GDPR, will overhaul how businesses process and handle data. Coming into effect on May 25, 2018, GDPR will specifically target how businesses and the public sector handle the information of 750 million European citizens. This means any company that holds any data on EU citizens, from personal information such as credit card numbers to even simply a photo of the citizen, is subject to GDPR. Although this law exists in the EU, its reach will be global. Businesses not located in the EU could still face penalties and fines if they do not comply with the legislation. If you are subject to the DPA (Data Protection Act), it is likely that you are subject to GDPR. The EU is serious about protecting the data of its citizens. Just for having a security breach your business could be fined, and the penalties are not child’s play. Some fines can be €10 million or two percent of a firm’s revenue, and more serious violations can have fines up to €20 million or four percent of a firm’s revenue. In the following sections, we will outline the steps necessary to comply with GDPR. By approaching GDPR in the method outlined below, you can use this regulation as an opportunity to grow and enhance your organization.

“… any company that holds data on EU citizens, from personal information such as credit card numbers to even simply a photo, is subject to GDPR.”

—Next Steps

You must figure out what EU data your business processes and holds, and where and how it is held, and set legally defensible policies for how that data will be collected, managed, and destroyed. Applying this procedure in practice won’t happen overnight. For starters, your organization has huge amounts of structured and unstructured data, which resides on numerous devices: production servers, cloud applications, on- and off-premises backups, even staff members’ mobile devices. It is important to cast your net wide as you develop your strategy. It also helps to approach GDPR as a risk management exercise. Uncovering where the largest gaps in your security lie should be your first objective in coming to terms with GDPR.

—01 The Best Backup

Not all backups are alike, and you must choose wisely when finding the right backup for your business. For the highest level of security, you want not just your servers and applications backed up, but also your endpoints and devices. There is also the chance that a backup could itself be compromised, so you want to know where your backups live, and make sure they follow best practices for protection from ransomware. Sometimes it is best to entrust your backup to a well-known provider who is experienced and equipped to deal with ransomware, and who can therefore act as an added layer of security in case you are infected, or even alert you to the infection before you know about it. Deciding on the best backup is not an easy task; there are dozens of companies to choose from. Speak to one of our security experts to discover which backup solution is the best fit for your business.

—02 Early Detection

Ransomware has evolved so that it not only jumps from one device to another, but new variants are now crossing systems and platforms, including popular SaaS applications such as Dropbox, Office365, and Google Apps. How could ransomware spread to the cloud? When you use these applications you are syncing your files; if one of your infected files syncs, congratulations, that infection has now spread to your online environment. If these files are being used to collaborate with employees at different locations, an isolated incident can quickly become a malware epidemic for your organization. You want 24/7 monitoring: a live client actively running, updating in real time, and ready to alert you as soon as suspicious or malicious activity is detected. Some even recommend a kill switch… for you to pull the plug and disconnect everything from the network and internet so there can be no further spread. There are dozens of endpoint security products that promise to “stop ransomware”, but choosing the best one depends on your business practices. Sometimes speaking to a vendor-agnostic partner such as MDS can help you deduce the pros and cons of each one, and guide you in making the most effective decision for your organization.

Choosing The Right End-Point Security

—03 Pattern Analytics

New ransomware variants are emerging every day. They often go undetected by even the most up-to-date libraries of known attacks. Enter behavioral and machine learning monitoring. Instead of looking for a specific ID or extension (like picking the bad guys out of a lineup), new technology is emerging that detects the behavior and patterns of an attack. Say, for example, that all of a sudden Susan from Accounting is communicating with someone at a location she has never communicated with, and in addition, there is a data transfer underway that is a little larger than typical for Susan. Automatically the abnormal behavior is raised as a red flag, and is put to a halt if necessary, until it can be analyzed and evaluated by a team of security experts. These are the behaviors that proactive monitoring, pattern analytics, behavior analysis, and machine learning technology pick up on. By monitoring and learning all of the typical behavior of your business, from large data transfers to subtle specks of activity, pattern analytics can stop abnormal behavior as it takes place in real time while alerting the network administrator. The more data it accumulates, the more effective it becomes. Keeping track of known hotspots for malicious activity, in combination with the typical data patterns of an attack, enables a defense that can essentially uncover malware that might be brand new to the market, giving you an added layer of security on top of your traditional practices. MDS works with multiple partners that offer the latest innovations in behavior and pattern analytics, and is here to help you decide which fits best for your business.
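The "Susan from Accounting" scenario above can be sketched as a per-user baseline check. This is an added example, not code from MDS or any vendor product; the function names, the `k=2.0` threshold, the locations, and the sample history are all constructed assumptions.

```python
from statistics import mean, stdev

# Constructed sample history: (user, remote_location, bytes_transferred).
HISTORY = [
    ("susan", "London", 1_200_000),
    ("susan", "London", 900_000),
    ("susan", "Dublin", 1_500_000),
    ("susan", "London", 1_100_000),
    ("susan", "Dublin", 1_300_000),
]

def learn(baseline, user, location, size):
    """Fold one known-good event into the user's baseline."""
    entry = baseline.setdefault(user, {"locations": set(), "sizes": []})
    entry["locations"].add(location)
    entry["sizes"].append(size)

def build_baseline(history):
    """Learn, per user, the locations seen and the transfer sizes observed."""
    baseline = {}
    for user, location, size in history:
        learn(baseline, user, location, size)
    return baseline

def score_event(baseline, user, location, size, k=2.0):
    """Return the reasons an event deviates from the user's baseline."""
    entry = baseline.get(user)
    if entry is None or len(entry["sizes"]) < 2:
        return ["no-baseline"]  # not enough history to judge
    reasons = []
    if location not in entry["locations"]:
        reasons.append("new-location")
    mu, sigma = mean(entry["sizes"]), stdev(entry["sizes"])
    # Floor sigma so a very steady user does not alert on tiny variations.
    if size > mu + k * max(sigma, 0.1 * mu):
        reasons.append("large-transfer")
    return reasons

def decide(reasons):
    """Hold only when both signals fire together; one signal just alerts."""
    if {"new-location", "large-transfer"} <= set(reasons):
        return "hold-for-review"
    return "alert" if reasons else "allow"
```

Calling `learn` on events an analyst has reviewed and cleared is what lets the baseline become more effective as data accumulates.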

—04 Prevention Tactics

Email spammers: we have all seen them before. Someone claims you have won the lottery and you must send a money order to Nigeria to claim your prize. Well, the email scammers have evolved. Take a look at that button in the photo… Would you click it if you were expecting a package?
Locking your front door, back door, and garage won’t stop an intruder from breaking in through your window. In the same way, endpoint security, backups, and analytics do not protect against email attacks. For this we recommend you look into email filtering and spam filtering. Instead of having to play detective with every email you receive, it helps to work with an experienced email filtering security platform that can block emails before they appear in front of Joe in the shipping department, who unknowingly clicks on a link and takes down a business that took years to build in the blink of an eye. Avoid the cost of recovering from an attack with a simple solution from our team of qualified security experts. Implementing an email filtering system might be as simple as enabling an add-on from your current email provider. Speak to one of our experts to see if this may be an option for you.

Don't Let The Criminals Phish in Your Network

—05 Web Filter

Barracuda Web-Sense Cisco Web Filter BLa BLa

—06 Employee Training

Would you let one of your employees drive you around if they didn’t have their license? Then why would you let them surf in your network without any training? Chances are you didn’t have any onboarding on cyber security best practices for browsing the web, and even if you did, the tactics are always evolving and changing.

—07 Insurance

Might as well have insurance. There is no such thing as impenetrable; everything is subject to attack.

