With WannaCry and other large-scale ransomware attacks in the headlines, one thing is clear: the sophistication of these viruses is increasing in a multitude of ways, including how they spread and how they encrypt data.
What this means for IT service providers is that there is no silver-bullet, one-stop approach for protecting clients — or their own business — from ransomware. Being able to mitigate or prevent attacks is to have an agile, multi-layered approach that can adapt as new and increasingly hostile threats emerge.
A best-in-class approach consists of 6 layers:
1. Patching: The most basic layer of protection is to monitor and patch all computers and apps. With the latest patches, you can close OS security vulnerabilities.
2. Anti-Virus and Network Monitoring (NIDS): People are being targeted through more sources than ever — email, ad networks, mobile apps and devices. Anti-virus and network intrusion detection systems (NIDS) examine all files and traffic, and filters them against all known threats. Keeping virus definition files current is critical to ensuring these systems are running at peak performance.
3. Backup and Disaster Recovery: There is sometimes a gap between when a threat is first introduced and when a vendor is notified and develops a remedy. Making a full-system backup protects back-office systems when an attack occurs and provides a recovery option for unknown threats and even the most catastrophic failures.
4. Endpoint Backup: Although there’s a layer of protection on back-office systems, you still need to have backup and support for laptops and desktops. These devices create, share and store business data, and if a cybercriminal captures this proprietary and sensitive information, it can have a significant impact on business productivity and profitability. Enabling real-time data backup on these endpoints, however, can prevent business-critical information from being compromised so they can ignore any ransom threats that come their way.
5. Secure File Sync and Share: With infection methods and email spoofing growing in sophistication, sharing data via email attachments has become riskier than ever. To improve security and facilitate effective collaboration from any location and using any device — even their smartphones and tablets, use a business grade file sync and share technology. The technology should grant access and editing controls for specific documents, such as Word documents, Excel spreadsheets and PowerPoint presentations, and allow employees to recover documents that are maliciously or accidentally deleted.
6. Education and Awareness: IT service providers must educate clients and their employees about cybersecurity risks, new ransomware strains and best practices for spotting phishing attempts, suspicious emails and other security risks. Empowering them to be proactive and encouraging them to report questionable content using rewards and incentives will help increase awareness and decrease overall risk.
To learn more, please download the eBook: 6 Ways to Shield Clients from Ransomware. Find it here.
Moshe Binyamin is director of market management at Autotask. Read more Autotask blogs here. Read more Autotask blogs here.
