Easy Step To Protect Against the Ransomware Attack
With the recent WannaCry ransomware attacks, endpoint security is at the top of everyone’s mind. Soon enough, there will be another malware variant with another catchy name. These attacks are not limited to large corporations; every computer on the web is vulnerable.
How can you protect your organization? Here are three simple ways to help protect your network from getting a ransomware infection in the first place and to limit the damage that any attack that does get through can do.
1. Educate The Workforce
While technical solutions leap to mind for many people, I would suggest looking at the end user first. Just a little social engineering or cyber trickery on a user, and an attacker has a foothold inside your virtual environment. Even the most seasoned IT professional can absent-mindedly click on a link in an email without thinking about it first.
Another strategy attackers use to get inside your network is to load self-launching software on USB drives and leave them in convenient locations for employees to find. Who can pass up a free USB drive, right?
How can we harden the human component of our security plan? The short answer is training. We all know that it is easier said than done, especially given our limited resources and the increasing demands on those resources. However, training can be as simple as a monthly security newsletter provided that it is both interesting and informative. Or try a recorded video blog that highlights threats and how to avoid being “that guy who infected the network.”
2. Backup Your Data
The single biggest thing that will defeat ransomware is having a regularly updated backup. If you are attacked with ransomware you may lose that document you started earlier this morning, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy. Remember that Cryptolocker will also encrypt files on drives that are mapped. This includes any external drives such as a USB thumb drive, as well as any network or cloud file stores that you have assigned a drive letter. So, what you need is a regular backup regimen, to an external drive or backup service, one that is not assigned a drive letter or is disconnected when it is not doing backup. With quest backup solution, Say goodbye to long backup windows, slow recovery and high maintenance costs. Our scalable backup and recovery solutions cut backup windows from hours to minutes. Protect anything — systems, apps and data — anywhere, whether it’s physical, virtual and or in the cloud. Back up physical and virtual machines with either agent-based or agentless backup, for the best of both worlds. Plus, our broad and flexible portfolio lets you choose the speed at which you recover your data to meet business-driven SLAs, as well as choose your levels of protection based on how vital your data and applications are to the business.
3. Keep Your Operating Systems and Applications Up to Date
Next step is to ensure that patching is completed regularly, since many attacks target OS and application vulnerabilities. Many people remember to patch their operating systems but fail to recognize that keeping third-party applications up to date is just as important.
Whether you choose native tools or third-party solutions to help, being consistent and timely with your methodology is critical. In enterprise environments, it is especially important to have a methodical plan for patching and testing. Ideally, your patch management solution will let you regulate when a patch is deployed, but still allow the end users some flexibility to delay the patching for a short time if needed. You also need a way to confirm that all the devices in your network are indeed patched and secured. The KACE Systems Management Appliance can automate these tasks, and many more.
This steps can take you a long way toward protecting your network — and your organization itself — from ransomware and other forms of malware. No matter which strategies you decide to employ or how complex your organization’s needs may be, we at Quest will be there for you.
Source from : www.welivesecurity.com
PT. Virtus Technology Indonesia
(a Member of CTI Group)
Centennial Tower 12th Floor
Jl. Jend. Gatot Subroto Kav. 24-25
Jakarta, 12930, Indonesia
Phone: +6221 80622288
Fax: +6221 80622289