No matter what line of business you’re in, your data security is something that must be taken seriously. The data you collect and store may include sensitive, personally identifiable information or it could simply be detailing your sales records, but never lose sight that protecting your data is protecting the integrity of your business.
Regardless of what type of data you store, it is valuable to someone and that means it’s vulnerable and needs to be properly secured. While there are many different ways cyber-criminals can attack businesses, one of increasing popularity is through ransomware.
Ransomware is a type of malware that encrypts every single file on a server. Anything the crypto virus can access will be edited and encrypted so that the rightful owner is blocked from accessing it. Typically a ransom is requested to release the data back to the owner with the threat of perpetual blocking or releasing the data publicly if the demands are not met.
The consequences for businesses in the financial industry, for instance, are more obvious. Because of the sensitive nature of the personal data of clients they store, having a breach can break clients’ trust that their data is secure with your company. This lack of trust, combined with the possibility of ransomed data/funds could literally shut down a business and have a domino effect on other clients.
To address this ever-growing and evolving issue, you need to make sure that your data is secure, and to do this you must have a solid understanding of what kind of data is stored in your network and how you’re storing it throughout your environment. Once that baseline is established, you can address data security. To help you, we’ve highlighted the four most important components of data security and how you can use these to combat the threat of ransomware.
1. Protecting Your Data on Devices
Users or employees create the biggest vulnerability to any company’s data protection. For most businesses, data can be accessed through multiple mediums and devices – on-site workstations, personal laptops and mobile devices. Because of the breadth of access points, the biggest favor you will do your company is to make sure that all users have the knowledge and awareness of the types of security threats out there.
From phishing scams and malware to viruses and clickware, teaching your users how to avoid common cybersecurity traps and making sure they have the appropriate protection in place on all devices they may use is paramount. We recommend KnowBe4 to our clients for security awareness training. For non-sensitive data, device protection might just be a standard antivirus, but it could potentially include next-gen security monitoring like managed detection and response endpoints and encrypted hard drives.
Ransomware will often enter the network via an email phishing scam or through a user downloading a malicious file or clicking a malicious link or ad. This may be from a download of free software they found, by accessing a compromised fileshare or by clicking a link to a malicious website. What’s important here is that the compromise of one user can quickly spread throughout the network, infecting systems on a mass scale and becoming harder to address the more it spreads.
Standard antivirus software will often scan attachments but won’t typically scan emails for malicious links, and that’s why additional software, like Proofpoint, is recommended. Software like Proofpoint provides in-depth email filtering, and it will automatically block emails that contain malicious links before ever reaching the user’s inbox. This type of security combined with on-going phishing awareness training greatly reduces successful phishing attacks.
2. Protecting Your Infrastructure
Your network’s infrastructure is layered, and each of those layers comes with its own vulnerabilities and needs to be protected. In addition to a secure and well-architected infrastructure, next-generation firewalls, intrusion protection and content filtering are just some of the security options you may have, and what you need will be based on the complexity of your infrastructure and the nature of the data.
Regardless, endpoint security on servers and managed detection and response network monitoring are recommended at every point, or layer, of the network to ensure that there aren’t any holes in your security that can be taken advantage of.
3. Regular Maintenance for Proactive Protection
Cyber-criminals are always looking for vulnerabilities or overlooked points of entry to circumvent your security. Regular maintenance ensures ongoing review and attention so that when a vulnerability is discovered, solutions like patches can be put into place to address it before it is exploited.
4. Having a Solid Identification and Response Plan
No matter what kind of security systems you have in place, you should treat your system being compromised as a “when” rather than an “if”. At the very least, you need to be notified immediately if you have a virus or intrusion so that action can be taken right away to prevent further damage from occurring. That said, more robust security measures in the form of managed detection and response will allow you not only to identify, isolate and stop the threat, but also to have a strategic plan in place that outlines how to respond and who needs to be involved.
For a ransomware attack, ensure that you have a response plan in place with an identified disaster recovery plan. This can take the form of a backup or can utilize a service like Datto, a hardware device that sits in your company’s environment and provides backups in real time or at scheduled intervals. That data is then sent to the cloud so it can be accessed in the event that the network is compromised with ransomware or any other malicious attack. This will significantly lower any downtime your company experiences.
At Entara we preach that through all of the different user training, software and plans, the most important piece is ultimately communication. Your data will not be secure unless everyone involved understands their roles, the best ways to avoid attacks and how to address a system compromise if it does occur. The bottom line is that protecting your data is protecting the integrity of your business.