How to reduce ransomware risk : Part 1

Ransomware is an ongoing concern for everyone doing business on the internet. Threats evolve daily and we need to ensure we are sufficiently protected.

Patching, patching and patching!

Unpatched environments are easy pickings for attackers.

Many systems need patching, this includes operating systems, applications, and embedded systems.

When a vulnerability is found after the release of a piece of software, a patch issued to fix it.

We not only need to ensure we are patching vulnerable systems, we need to ensure we have a method for monitoring our success.

Anti-Malware

This is a critical component in preventing your environment becoming compromised. A centrally managed system gives you visibility of alerts and ensures all clients are up to date.

We must ensure we have 'tuned' the deployment, too many false positives and the potential for actual alerts going unnoticed increases. As with patching we also need to ensure we are keeping both the software and signatures up to date.

Backups

Having an offsite, read only copy of your data is essential in limiting impact from a ransomware attack. If you do get compromised an attacker is going after you backups. If you cannot restore your environment the attacker has a better chance of holding you to ransom.

Document and test your recovery processes!