10-26-21 | Blog Post
Based on a recent webinar with experts from Otava and Veeam, this blog post outlines 6 tips for ensuring your organization can effectively deflect, or recover from, ransomware attacks.
The vast majority of ransomware infections can be traced to someone within the organization unwittingly giving access to hackers. So an absolutely essential component of any security program is the education of everyone in the organization – first, about the types of attacks they may face, and second, how to avoid falling prey to them. An important benefit of security awareness training is that it empowers users to become security monitors for you. They’ll reach out to you to report things that just don’t look right – so you can investigate before they become a breach.
Back in the old days – the mid aughts, say – a core element of cyber security was perimeter protection, protecting the physical and logical environments from the outside world. Today, there is no perimeter. Even at organizations that don’t have large remote workforces, in many cases users can access the organization’s logical environment when outside the physical perimeter.
So where the perimeter protection strategy used to be called defense in depth, now we refer to the cyber security approach as zero trust protection. Essentially it means treating every identity and every device as a potential threat. Once you start thinking like that, you can identify the attack vectors where you need to focus your attention.
Educating users about the most common ransomware infection sources, enlisting employees as security watchdogs, and implementing zero trust protection are even more critical if even part of your workforce is remote. The perimeter was disappearing well before 2020, but the COVID-19 pandemic hastened its demise. Now, securing endpoint devices is not just an on-premises exercise; it’s about securing all the remote devices, including user-owned devices. Best practice is to have a robust Bring Your Own Device (BYOD) policy to govern those endpoints. But even if you don’t have a formal BYOD policy in place, you can (and should) check your security posture along that access control layer.
In our new Ransomware White Paper, learn more about cyber security best practices for a remote workforce including how to ensure users have secured their home Wi-Fi routers and the role of Desktop-as-a-Service in mitigating security risks.
In case the defenses fall, an effective backup strategy will at least enable the organization to get back to business quickly with limited long-term impact. That backup strategy is known as the 3-2-1-1-0 rule: Have three copies of your data, on two different media, one of which is off-site and one of which is offline, with zero recoverability errors.
Your data protection strategy should be layered based on the criticality of the data and how often it’s used. Those two factors determine the ideal recovery point objective (RPO) – the time span within which you need to be able to fully recover your data.
If you’re concerned about your own organization’s protection against ransomware or other threats, contact Otava today. Our experts can review your current security systems and processes and make recommendations for mitigating the risk that a ransomware attack will affect you and ensuring fast and complete recovery if you are breached.