IT security is a long and continuous process. But there are also quick measures you can implement immediately to improve your security and reduce the risk of ransomware infiltration. Here we present three of them.
The following three measures can be implemented relatively quickly and will significantly improve your security and lower the risk of a ransomware infiltration:
- Add a long-term backup outside your own IT environment, so that your IT environment can always be restored in case of an attack.
- Add an XDR / EDR “extended detection and response” solution to your servers and workstations.
- Monitor your XDR / EDR and get alerts for security events.
Add a long-term backup capability, which will allow you to restore your IT environment
This security measure involves making sure that if your IT environment is infiltrated by malware, you can always restore to a clean environment. If you’re thinking that you already have backups, consider this: can an attacker who has gained access to your environment delete your backups? If your backups are stored in the same environment, you have to assume that the attacker will try to delete or encrypt them.
If there is just one thing you do to improve your security, it should be setting up a long-term external backup that sits outside your own IT environment.
How can you implement this?
Ask a provider like Safe Swiss Cloud to implement a managed long-term backup solution.
Add XDR / EDR extended threat detection and response to every server and workstation
Ransomware attacks systems (workstations, servers) by finding weaknesses in operating systems and applications (zero-day weaknesses) and by evading standard anti-virus systems (e.g. by smuggling itself onto a system in many pieces to avoid signature-based detection).
The newer XDR / EDR advanced threat protection is good at recognising these intrusion attempts, well beyond what most standard anti-virus and endpoint protection systems can detect. It automatically quarantines such fragments and can correlate events across multiple workstations and servers to raise alarms about threats that an anti-virus on a single system cannot detect.
How can you implement this?
Ask an IT security provider like Safe Swiss Cloud to set up an XDR / EDR solution. Once implemented, you will get access to a central console which identifies threats and raises alerts when you need to do something.
That raises the question: do you have the capability to monitor this security dashboard on a regular basis?
Security Monitoring service by Safe Swiss Cloud
If you do not have an operations centre with the capability to monitor your central security dashboard, you should use a service like Safe Swiss Cloud’s Security Monitoring, which checks your dashboard regularly and raises an alarm if you need to take action to remediate a situation.
In summary: take the following steps immediately to lower the risk of malware
- Get a long-term, external, managed backup solution with a provider you trust – if all else fails, this will allow you to recover from an attack.
- Implement a modern, advanced XDR / EDR anti-malware / anti-ransomware system.
- Monitor the central dashboard of the XDR / EDR system: either do this yourself or use a security monitoring service like Safe Swiss Cloud’s.