May 12th of 2017 was anything but a casual Friday for over a quarter million people. 230,000 Windows users in 150 countries had their data encrypted by WannaCry, a data ransom virus, meaning users had to pay whatever these criminals were asking in order to get their data back.
If you’ve ever experienced a flavor of ransomware with no capacity to recover, you know how vulnerable it feels. It’s one way we meet future clients: the ones who went through this. So yes, the issue is very real, extremely potent and ends up costing a lot of money in the form of billable recovery time and downtime.
- Yatron Ransomware
- Gandcrab Ransomware
- Trojan Glupteba
- Kuik Adware
- Magniber Ransomware
- Thanatos Ransomware
- Trojan Panda Banker / Zeus Panda
Protect Your Technology
If you do not have a real firewall with some sort of adaptive appliance, then you’re not even on first base yet, so that’s where you start. An example is Cisco’s ASA platform. Antivirus is a must and it needs to be a business class platform. It’s preventative but not very effective when it comes to ransomware removal.
It must have an adaptive or proactive engine in order to be effective here. There are many flavors of solutions here; proven and trusted platforms are a necessity. We use Panda in most situations and we do a bit of testing on our own, pitting these modern threats against the Panda platform in a test environment.
What this means to business owners is “keeping my employees from playing on the web”. This is a benefit of scrutinizing web traffic on the network. The other is that when small malware gets on your computer, it’s less likely to manifest and become a bigger problem by “phoning home” to somewhere on the other side of the planet. These problems die on the vine and get cleaned up by the aforementioned antivirus.
Patch Management Systems
What patch management does is create control around security patches and updates on computers across the network. It usually does much more but this is critical at this point. It must be succinct, cohesive and unified within the network.
If you’re outsourcing IT management, letting your IT team have control is important. We use Autotask and the Autotask Endpoint Management (AEM) components that integrate fully with our Customer Relationship Management (CRM). Reporting, remote support and hundreds of other tricks, tools and automation components run within our AEM, but patch management is most relevant here.
You have to measure value when you start to consider your data and network security. Ask your IT team what you’re using, and get to know the producers and programs. Someone in upper management likely needs to be in the know, at least around what platforms are in use and what they do.
Your ability to recover is huge. If you suffer a loss of any kind–encryption, ransom, or otherwise–you must be able to recover. That means:
- You need your data. How often you back up, what you back up and where you back up dictate all of this; do whatever is necessary for your company.
- You need to get that data back in production. Having data is great, but how do you get back to work? The cost of employees doing nothing is a lot no matter how big or small your company is.
- Educate your staff. You can prevent quite a bit just by educating your team. The bigger the team, the more of a production this may be. I’d recommend considering strongly what the agenda is; make it valuable and provide solid info for your team.