The conversation usually goes something like this: Hey, company X that (we do business with / my friend works at / we share some clients with…) just got ransomwared and were down for Y days/weeks, is my business protected from ransomware?
Well, this is one of those questions: if you need to ask, the answer is probably no… First, let’s dispel myth #1, there is no guaranteed way to protect a company from ransomware, if you are working with any vendor/partner/superhero that is promising this, walk away. What you can do is deploy a series of processes and technology to reduce the likelihood an attack against you would succeed and ensure you can recover if it does.
We’ve published a couple of blogs on the topic here if you want to read more, but high level:
- Train your people (attacks usually target humans first, not technology)
- Patch everything (patches are updates from vendors to fix issues)
- Deploy advanced email security to stop the new types of malware (94% of attacks start by an email)
- Inspect all web traffic (including encrypted one) to detect the new types of malware (84% of web traffic is encrypted)
- Deploy a next generation anti-malware on all devices (it’s your last line of defence)
- Backup all your data to a place no one can delete it (physically and logically) and yes, you must backup Office 365 and G-Suite data
And remember: Your data makes you special, protect it.
.png?width=142&height=42&name=a%20(1).png){kind=small}
.png?width=142&height=42&name=a%20(2).png){kind=small}
By Loïc Calvez
POSTED IN
