First and foremost is the education of your staff. This starts with a phishing email. If no one clicks on the attachment… the phishing fails... PREVENTED!
Deploy an antivirus solution that employs low overhead and enhanced Anti-Ransomware technology. Not all AV providers have this technology. Webroot is one AV provider that we have seen to be consistent with detecting this type of threat. Recently we performed a test using a ransomware email. We used several AV solutions and found a major provider did not detect it where Webroot immediately identified the threat. For the record, this exploit has been in the wild for some time. Attacks are becoming more sophisticated like Macros coded in ASCII code to hide the IP address the malware is downloaded from. This makes it more difficult to create signatures to detect threats. With the sophistication of attacks… you need a dynamic and versatile AV solution that employs Enhanced Anti-Ransomware... PREVENTED!
Your last line of defense or should I say recovery, is your backups. Servers should always be backed up so if you get hit with this type of attack, you can recover your data. This article is not about backups but if you are not doing image level backups of your servers with virtualization abilities for DR…. give us a call. At the very least, you should have nightly backups of your servers. If you have a backup on the server… RECOVERED!
Client machines (Desktops and laptops) are not servers and most of the time they are not backed up. Ideally you should not have data only residing on your client machines. Most should use a mapped drive to a server to store data (Thus it is backed up when the server is backed up). You can also deploy a cloud solution like Microsoft OneDrive to replicate your data to the cloud. Keep in mind that any solution you use for this needs to have versioning. Versioning saves a new version of the file every time you save the file thus, if the file is modified (IE Encrypted) it will indeed replicate to the cloud but you will have the ability to recover previous versions from the versioning of Microsoft OneDrive. If you have this in place… RECOVERED!
Beringer Associates can help in reviewing your infrastructure and working with you to provide education, deployment of an AV solution or help setup a resilient and comprehensive backup solution for your business. Contact us with any questions you may have.
You must be logged in to post a comment.