Since the start of 2021, there has been an unprecedented spike in ransomware targeting remote employees and business supply chains. Phishing scams, hacks, and business email compromise campaigns are hindering massive companies such as Colonial Pipeline Co. and JBS, colleges, universities, and metropolitan police stations across the country. Unfortunately, it's these high-profile cases that tend to make the news, overshadowing SMBs that also feel the sting of ransomware.
It's absolutely essential that you monitor and patch all devices, applications, and operating systems that come into contact with your network. Patches protect against hardware and software vulnerabilities, or backdoors, that cybercriminals use to gain entry into your network. Exploits are one of the most common attack vectors, with astounding historical success.
For example, the 2017 WannaCry ransomware attack spread to 150 countries, infected hundreds of thousands of machines, and brought multi-national corporations such as Maersk, FedEx, and Britain's NHS to a grinding halt. WannaCry's success could be traced back to a minor flaw in Windows XP and 2003 messaging block. As security and design flaws are uncovered, patching allows you to stay ahead of cybercriminals looking to exploit them.
Businesses have to contend with more attack vectors than ever before. Your employees run mobile applications and devices, answer hundreds of emails per day, and maintain advertising and social networks. All of these pose unique security challenges. Mobile devices are vulnerable to Wi-Fi-based man-in-the-middle attacks, where sensitive information is intercepted by a malicious third party. Email still accounts for 94% of successful malware delivery. And pretext attacks flourish on social networks.
Your business needs in-depth verification at these contact points, regardless of whether information is entering, exiting, or moving within your network. Managed Network Monitoring analyzes traffic, and keeps tabs on your files, stopping emergent threats at the perimeter. By layering an Anti-Virus solution, your MSP can set specific rules that govern how information is analyzed, shared securely, or remediated if flagged as a threat.
In the event of a security incident, or natural disaster, you want to know that your company data is secure, and employees will be able to continue working. This is achieved in a number of ways. You need continuity at the data center level, otherwise referred to as geographic redundancy. By spreading your digital assets across multiple locations, your network is better positioned to absorb changes due to isolated downtime or spikes in traffic.
It's also imperative to have cloud-based backups from multiple providers. For example, Azure tenants may leverage the cloud platform's Backup, while layering Datto's Cloud Continuity. Datto provides file and device recovery, cloud virtualization, and ransomware. By diversifying backup tools, you increase the effectiveness of your continuity efforts.
Cybercriminals are overwhelmingly targeting specific assets - mail servers, desktops, and web application servers. The loss of any would damage your operations. The loss of all would be catastrophic. In addition to securing your network, you need to prioritize endpoint security. As your employees create content, collaborate with external users, and leverage applications on the go, you need to know your intellectual property is safe.
There are multiple platforms offering endpoint security, such as Microsoft InTune or Enterprise Mobility + Security. InTune is specifically focused on securing devices and operating systems, while Enterprise Mobility + Security layers on identity access management, threat and information protection, and secure cloud access. Some of the most effective, and readily deployed tools include:
The most granular security measures are those concerned with data itself. Tools within Enterprise Mobility + Security, or Datto's File Sync, allow administrators to establish specific controls for the handling, sharing, and storage of company data. Azure Information Protection will classify data sensitivity, log and monitor changes, and adjust restrictions accordingly. Within Office 365 Information Protection, you can set Data Loss Prevention (DLP) policies to monitor information across your application stack. Once your employees have finished using a particular piece of data, you can establish life cycle settings, or implement remote wipe.
You need to have a clear understanding of how your employees work with technology. How many applications do they use in an average working day? Does their workflow include shadow IT or unsanctioned tools? How often are they responding to work emails on personal devices? People are far more susceptible to social attacks and phishing scams that are received over mobile devices. Many mobile browsers limit what users can view - including email headers, source information, web browser validation, etc. This hinders the quick-glance verification that keeps users at their desktops safe. Keep your employees engaged with security through regular cybersecurity and phishing training. For more information about implementing any of these security strategies, reach out to our experts for a free IT consultation.
*This blog was originally published in 2020. It has been updated for accuracy.