Preparing for ransomware.
2020 broke all records with regard to data loss and the sheer number of cyber-attacks on companies, government bodies, and individuals. It’s become evident that it’s no longer a question of if you will be compromised, but when.
In-house IT departments are naturally aware of the growing threat that poor data security presents to their business. However, according to Varonis, on average only 5% of companies’ folders are properly protected. This means that, on average, 95% of company data could become compromised if the company falls victim to ransomware.
It’s no longer enough to just consider how good your system security appears to be; organisations need to prepare for the worst-case scenario: recovering lost data.
So, what does it mean?
Preparing for the worst case comes in the form of Disaster Recovery and Business Continuity Planning.
First and foremost, you need to consider how you would recover your data if all network shares and all servers were removed from the network overnight. Ask yourself the following questions:
- Do you have recovery plans for specific business systems, such as Payroll and HR?
- What steps would you need to take if your data was stolen and/or made public?
- If you don’t already have a Disaster Recovery and Business Continuity plan, who would you turn to?
At Stripe OLT, we know that a highly effective and actionable DR plan will protect against both physical disasters and cyber-crime, and with over 15 years’ experience, our Disaster Recovery and strategic Business Continuity plans are underpinned by experience and skill.
So, what are our quick-win recommendations?
First, tighten your security.
- Multifactor Authentication is a must – Based on Microsoft research, enabling MFA means user accounts are 99.9% less likely to be breached.
- Close any unnecessary / risky ports open to the Internet – The Critical Watch Report claims that 65% of vulnerabilities found in TCP and UDP ports are linked to SSH (22/TCP), HTTPS (443/TCP), and HTTP (80/TCP). This is something that IT professionals really need to consider.
- Make sure you have a form of Advanced Endpoint Protection – Why? Well, advanced endpoint protection protects systems from file, fileless, script-based and zero-day threats by using machine-learning or behavioural analysis. Traditional, reactive endpoint security tools such as firewalls and anti-virus software generally depend upon known threat entities to detect a potential attack. In today’s threat landscape, this type of protection is simply not enough.
- Education, Education, Education – Make sure your users are informed and equipped to avoid clicking on malware in emails and on Internet sites. Why not conduct simulated phishing campaigns to see how well you are doing?
- Remove local admin rights from ALL standard users – If someone needs elevated access, give them a second account. Strict permissions result in a higher level of data security.
Finally, update your insurance.
It’s imperative that you have Business Continuity cover that includes recovery from a cyber-attack. Companies without cover won’t just lose their data; depending on the type of information stolen, they could also lose a substantial amount financially.