Security, IT Governance, Ransomware
As the person responsible for maintaining your company’s technology or the relationship with the IT service provider, you know that IT security is important.
Every day, you hear about new security breaches that only seem to be getting more frequent and more destructive. Last year, UC San Francisco caved in after a month-long standoff with criminal hackers, paying a reported $1.14 million in bitcoin to restore their systems.
In addition to the downtime and financial impact, ransomware attacks cause reputational damage that live on for years after the initial attack.
What is Ransomware and how does it work?
In case you’ve been on a long vacation without technology, Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Most infections occur when an unsuspecting user opens a forged email posing to be from a trusted source.
After opening an attached file or clicking a link, the user’s computer is infected and the attacker’s malicious software proceeds to encrypt all files the user has access to. This includes shared files stored on servers in addition to the files on the individual computer.
How to prepare and prevent ransomware attacks
As a managed service provider, we understand that it can be exhausting and overwhelming trying to keep up with the latest security threats and the associated solutions.
It can feel like a game of whack-a-mole trying to close an entirely new category of security vulnerability every few months.
Here at Xterra, we have helped hundreds of companies stay safe from ransomware attacks using our proven process. So how do you protect your organization from being the next “UC San Francisco”? Keep reading to learn how to protect your systems and data so that you can stay ransomware-free.
- Security awareness training – 95% of successful attacks are caused by human error (according to IBM Cyber Security Intelligence Index). Security training is the number one prevention tool for today’s security threats.
- Backups – Backup all company data to an offsite location with multiple restore points.
- Antimalware / Antivirus – Endpoint security software should be running on all systems with active scanning and automatic definition updates enabled. If you can, upgrade from traditional AV to EDR technology that can perform application whitelisting and identify unknown and zero-day malware threats.
- Email Protection – Implement an email security solution that provides link rewriting, attachment scanning, as well as impersonation protection.
- Patch management – Patch all systems for updates and run scheduled checks to keep everything up to date.
- Multi-factor Authentication – Leverage MFA to protect all services with business-critical data.
- URL filtering – Use security products or services that block access to known ransomware sites, unknown URL’s, and other high-risk URL categories.
- Isolate unsupported and unmanaged devices – Ensure guests, BYOD, and other unmanaged IoT devices are isolated from internal company systems and receive Internet-only access. End-of-support devices cannot be patched for security updates and are frequently the foothold for larger attacks. If it isn’t possible to completely isolate any of these device types, segment them onto separate networks and limit access via firewall to using least privilege.
- Cyber-liability insurance – Your insurance policy should have specific coverage for ransomware. Remember, policy details matter. Carefully review the policy exclusions and limits with your insurance broker to ensure you have sufficient coverage.
- Security management framework – Xterra recommends implementing a cyber-security management framework. Leveraging a security management framework such as NIST CSF gets you out of the wack-a-mole game and into a risk-based approach managing your security.
How can Xterra help my business?
Xterra has developed the people, process, and technology to deliver white glove IT services for a fraction of the cost of hiring a full-time staff. We are focused on helping San Francisco Bay Area clients accelerate their adoption of technology solutions to create measurable business value. If you are interested in learning more about how Xterra can help your business, schedule a free consultation.
Aaron is a Partner and Principal Network Architect at Xterra Solutions, Inc. With over 20 years experience, Aaron’s practice areas include security, networking, unified communications, and business continuity. Xterra is a leading managed services provider located in downtown San Francisco.