“We’ve been compromised.” Those three little words are sure to keep you tossing and turning at night. Maybe an unauthorized user has accessed your data. Perhaps you’ve discovered an end user’s screen being recorded. Maybe your critical business applications have been encrypted by ransomware.
It’s the stuff of nightmares.
So, how do you return to a restful night’s sleep? It starts with securing your endpoints.
The endpoint security best practices you need to implement now
In this day and age, your critical systems, applications, and data are under constant threat.
Here’s how you can help ensure business continuity.
Implement robust endpoint security solutions
Your endpoint security infrastructure is your first line of defense against the growing cyber security threat.
So, as you assess your current solutions, make sure you have these capabilities in place:
- SMTP traffic scanning for email
- Robust spam filtering
- Frequent traffic monitoring
- Up-to-date antivirus software
- Behavior-based solutions
- White and black web browser lists
- Unauthorized mobile device access prevention
- Mobile device data recovery solutions
- Physical, removable device blocking (e.g., USB)
Update your password policy
While multifactor authentication and biometric security can help you fortify data security, there’s still value to requiring strong passwords from your end users.
And, best practices here have changed. The National Institute of Standards and Technology now recommends forgoing:
- Periodic password changes
- Arbitrarily complex format requirements, like upper and lower case, numbers, and symbols
These requirements ultimately result in weaker passwords, as they place too much cognitive load on end users.
Instead, you’d be wise to require longer passwords (with an eight-character minimum) and screen those passwords against ones that have been previously compromised or are commonly used (e.g., Password1, monkey, and opensesame).
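One way to implement the length-plus-screening check described above, as an added example that is not code from the original post. The blocklist is a small constructed sample, the function names are hypothetical, and the five-character SHA-1 prefix lookup is an assumed design that mirrors how range-query breach services let you check a password without disclosing it.

```python
import hashlib
import unicodedata

MIN_LENGTH = 8  # minimum length from the guidance above

# Constructed sample list standing in for a real breached/common corpus.
SAMPLE_BREACHED = ["Password1", "monkey", "opensesame", "qwerty123"]


def _fingerprint(password: str) -> str:
    """SHA-1 of the NFKC-normalized, case-folded password (for lookup only)."""
    canonical = unicodedata.normalize("NFKC", password).casefold()
    return hashlib.sha1(canonical.encode("utf-8")).hexdigest().upper()


def build_range_index(passwords):
    """Group fingerprints by 5-character prefix, as a range service would."""
    index = {}
    for pw in passwords:
        digest = _fingerprint(pw)
        index.setdefault(digest[:5], set()).add(digest[5:])
    return index


def is_breached(password, index):
    """Only the prefix selects a bucket; the suffix is compared locally."""
    digest = _fingerprint(password)
    return digest[5:] in index.get(digest[:5], set())


def check_password(password, index):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    # Count characters after normalization, not bytes.
    if len(unicodedata.normalize("NFKC", password)) < MIN_LENGTH:
        problems.append("too_short")
    # Deliberately no upper/lower/digit/symbol rules and no expiry check.
    if is_breached(password, index):
        problems.append("breached_or_common")
    return problems


if __name__ == "__main__":
    idx = build_range_index(SAMPLE_BREACHED)
    for candidate in ["Password1", "monkey", "correct horse battery staple"]:
        print(candidate, "->", check_password(candidate, idx) or "accepted")
```

Case-folding both sides means trivial variants such as PASSWORD1 are rejected along with the listed entry.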
Keep your systems up-to-date
Unpatched software and systems are akin to rolling out the ole’ malware welcome mat. That’s because many popular exploits, including the infamous WannaCry virus, infect systems through unpatched security flaws.
As such, we recommend you:
- Immediately install updates and patches
- Scan software and systems to identify unpatched security flaws
These important steps will enable you to resolve vulnerabilities before cybercriminals can exploit them.
Limit user access
Perhaps the most effective way to reduce the impact of malware is to give users only the permissions they require to do their job—otherwise known as the “Principle of Least Privilege.”
This way, if an end user’s workstation becomes infected, you can limit the damage lateral ransomware might otherwise do. This is particularly vital when it comes to backup access, since your backups represent your last, best hope for mitigating ransomware damage.
Disable scripts, autoruns, and macros
Scripts, autoruns, and macros are frequently exploited by malware distributors. That’s why we encourage organizations to disable autorun—and enable individual macros only when necessary.
Remote Desktop Protocol is incredibly useful to systems administrators who want to access remote workstations. It’s also useful to hackers who want to exploit those same workstations.
That’s why we encourage you to:
- Block RDP from being able to scan from open ports
- Employ multifactor authentication and strong passwords
Implement regular end user training
The only people standing between your systems and a shady-looking “.exe” file are your end users. And, properly trained, they can help you reduce ransomware infections by up to 97 percent.
Of course, practice makes perfect. That’s why we recommend you not only provide regular in-person and online trainings—but that you run simulated phishing tests to identify those who might need a refresher, as well.
Keep redundant backups
No matter how secure your defense, malware will find a way.
That’s why it’s so important to invest not only in ransomware protection but in ransomware recovery, too.
We recommend you implement multiple backups, in case one is compromised. Consider keeping copies locally, off-site, and in the cloud so you’re empowered to recover no matter what the malware might throw at you.
The current ransomware landscape
Okay, we’ve covered the endpoint security best practices you need to know. Now, let’s take a peek at what exactly is coming for your data.
From spray-and-pray ransomware infections to targeted ransomware attacks, the threats to your data are mounting.
Here’s what you need to watch for…
Encrypting ransomware—well, it’s pretty self-explanatory, right? These strains encrypt your files and demand payment (often in Bitcoin) in exchange for the corresponding decryption key.
Of course, even if you pay—and we highly recommend that you don’t—there’s no guarantee you’ll get your data back. Cybercriminals aren’t exactly known for their customer service.
Keep in mind that this malware can affect all types of operating systems—not just Windows. While there’s a myth floating around that Linux systems are immune, that’s just not the case. Just ask Nayana, the South Korean company running on Linux that was held hostage by encrypting ransomware.
Consider lateral ransomware the more sophisticated, older brother of encrypting ransomware. While it has all the same features as encrypting ransomware, the self-propagating worm also has the ability to travel—infecting every single system on the infected network.
This ransomware threat involves enticing users into clicking on legitimate-looking online ads. Once clicked, the fake advertisements can compromise systems by downloading exploit kits.
And, because AdGholas can hide their malicious code within images, they are significantly more difficult to detect.
Ransomware made its entrance via large-scale spray and pray campaigns. Today, however, cyber attackers are investing the time and energy necessary to target a single organization in the hopes that it will net a larger payday.
And, these targeted attacks are on the rise.
In short, it’s ugly out there.
Foil cyber attackers with rock-solid endpoint security
Malware is looming large—and no one’s safe.
But when you keep apprised of new threats and implement endpoint security best practices, you’ll be empowered to deny cyber attackers their big payday and, more importantly, ensure your organization remains up-and-running.