Disruption to the core business objectives is costly to any organisation, healthcare or financial, oil or education so making sure that attacks like WannaCry don’t disrupt the mission brings direct business benefit.
With this in mind, WannaCry has done a good job of getting security to the top of the agenda, not just in companies but across the internet connected population. This was the first large scale attack, there will be more, so what can we learn and what measures should be in place to protect ourselves going forward?
We know that for WannaCryptOr 2.0 aka ‘WannaCry’ to succeed, a number of factors needed to line up;
- Computers with unpatched Operating Systems
- Insufficient malware protection
- Bad email practice, opening emails from unknown users
To ensure our data and credentials are not put at risk, we should be aware and take steps to protect what is ours, personally or at work. The following are simple steps that can help keep your data secure.
Rule 1. Backup your data!
Don’t make the mistake of thinking that ‘synchronised’ data is backed up. Ransomware will see these files too and will be encrypted along with the original files. What is needed is an offline ‘full’ backup copy of your data and your computer system software.
Personal or home data can be backed up to a USB device, corporate data requires an appropriately sized solution that can deliver daily or even hourly backups for one or all of the critical systems, designed to minimise data loss in case of a full system failure.
Esdebe recommend backup systems that will protect your data, from a few GB to Petabytes and everything in-between. To ensure your backup system is capturing all your mission critical data, Esdebe can deliver a full system audit, system and data backups in accordance with your schedule, with recommendations for remediation.
Rule 2. Device Protection
Companies invest heavily on perimeter protection but for all the best practice, users will be users and somehow, Malware can end up inside the corporate LAN.
Exploit prevention solutions like ‘Intercept-X’ from Sophos or Endpoint Protection (ATP) from Symantec deliver rollback remediation and route cause analysis to ensure the source of the outbreak can be identified. For SMEs, AVG has Ransomware protection built in.
Esdebe recommend that clients ensure that desktop and server malware protection is co-ordinated with a well configured firewall to ensure that outbreaks can be automatically isolated to prevent cross wan spread. Esdebe deliver solutions from Sophos, Symantec and AVG ensuring the most appropriate solution for your environment.
Rule 3. Maintain your environment
The WannaCry malware exploited computers that were running out of date operating systems or missing patches. Monitor your environment to ensure patches are actively applied or to learn through managed alerts if not.
Recovery from a malware attack could require recovery from backup. Backup completion is vital for business continuity and status reports bring confidence that your enterprise will survive whatever emergency hits your IT.
Esdebe 123 delivers straightforward patch management, monitoring, reporting and remediation on a low cost monthly per user tariff.
Rule 4. Manage Passwords
Until recently, best practice password management involved a spread sheet kept in the fire safe for the most powerful passwords in the enterprise. Today, Privileged Password Management is taken seriously. Solutions that can manage your privileged accounts can meet the company password policy bring a critical layer of security to your Enterprise. Auditing and reporting on usage of admin accounts ensures rogue usage can be swiftly and accurately identified, preventing sensitive data leakage or other types of inappropriate privilege usage.
For staff, user logon passwords represent the gateway to company and personal data. Best practise requires that each logon has a different password and that passwords should be changed regularly, however, most users have many accounts and remembering passwords for each account rapidly becomes impossible.
If you have questions about Esdebe solutions, call Esdebe on 01327 552244 or email email@example.com