Ransomware: How Safe is Your Data?
The recent incidents of ransomware attacks have rattled the world of IT and data security. From the SolarWinds hack in December 2020 to the recent strike on Colonial Pipeline, we have witnessed an apparent surge in the number of such malware attacks.
A Trustwave report from April 2020 revealed that for the first time, ransomware attacks overtook payments card data as the types of information most targeted by cybercriminals. On top of it, the rise in remote working since the pandemic has resulted in new security and administrative challenges.
Even the top companies with tight security controls are vulnerable to malware threats. To prevent such scenarios, it is important to understand the loopholes around data security that allow cybercriminals to perform such attacks.
This article will discuss the best practices that will help you protect your data against ransomware threats.
1. Monitor Emails: Phishing emails are the most common channel for delivering malware. And it also works most of the time as it is easier to trick people into clicking a malicious link. Educating all the employees on how to identify and avoid potential risks will help in preventing such attacks.
To provide a layer of security, you can employ software to scan all emails for known malware strains and have updated firewalls and endpoint protections with the latest known malware signatures. You should also notify users of out-of-network emails and provide VPNs for use outside of the network.
2. Back Up Your Data: Next, you should be prepared in case of an attack so that it does not disrupt your business operations. A re-image of the disk followed by a data restore from the last good backup should be kept for use.
Ensure that you can revert to a recent backup version, which will keep you going in case you lose your data. Such practices will save you from the stress of restoring systems back to a previous version.
3. Employ Multifactor Authentication: A multifactor authentication provides an additional layer of protection by restricting an attacker from accessing the systems in case they manage to bypass password protection. As a multifactor authentication requires multiple verifications before granting access, it is essential especially if employees access sensitive data from outside the company premises.
4. Limit Data Access: Irrespective of the company’s security system, it is critical to limit access to the organization’s data based on the employee’s roles and responsibilities. You should treat data as a treasure and allow users to access the systems and data that are necessary for them to do their job.
Strict identity and access policies should be implemented to restrict employee access to valuable and confidential company data. This will allow you to grant or deny permissions based on the user, account, IP address, designation, along with specific requirements like whether requests are sent with SSL/TLS, etc. Such measures will go a long way in ensuring unauthorized parties do not get to access your data.
5. Update Security Patches: Keeping the computers up-to-date and adopting a patch management strategy can minimize ransomware risks up to a certain level. For instance, the WannaCry ransomware targets unpatched systems; however, the patches for that vulnerability are already available in the market. Many organizations still fall victim to attacks by WannaCry ransomware, which emphasizes the need for adopting such practices.
Nowadays a breach is more of a “when” as opposed to an “if”, so, it is important to prepare for such incidents. A DataMap can help you quickly understand the extent of an attack and in determining what has been affected. Such an assessment will help you bounce back quickly from a ransomware attack.
Meru’s DataMap provides a comprehensive footprint of data and data-related processes across the organization. It can also help in understanding the security controls in place to protect the areas with critical or sensitive data. Any gaps in controls can be quickly spotted and addressed so that you are prepared and protected.