Ransomware attacks have been a serious threat for too long. Companies have often kept them under the radar to avoid attracting even more nefarious online attacks. But the brazenness, sophistication and reach of the recent spate of attacks has moved from individual companies or government entities to the nation’s front pages and, potentially, reached the level of national security.
Building stronger defenses against ransomware attacks must be a national priority, one that security experts, technology companies and governments must tackle together. At the level of individual companies, this is the time to take a fresh look at what security protocols are in place and to shore up immediate vulnerabilities.
Next Steps Beyond Security Basics
If your company does not have your security basics down – and many organizations still do not – please focus there first. Look for weaknesses and opportunities to harden your defenses:
Security hygiene: You can’t remind your employees too often and many criminals gain access to a company network through the most obvious of ways, a phishing email or a similar invitation to click on a link that installs malware that allows system access. If you haven’t conducted an awareness campaign for everyone who has access to your system, do that today.
Access management control: Do you have system in place to control who can access what level of data, from ordinary work products to sensitive client information? This too is an immediate must. Consider tools and protocols that govern who receives access to what.
Continuous patching: As a technology company CISO, I am often surprised when speaking with clients to learn that they do not have protocols in place to ensure all areas of their systems are routinely updated and patched. This is a major hazard that cannot be left to chance.
Once your team has confirmed that the basics are in place, there are a number of additional factors to consider that also can help stop nefarious actors.
Employ MFA everywhere: Old school credentials, such as reliance on a username and password, are easy to steal, easy to compromise and easy to guess. If you haven’t already, it is time to move to multi-factor authentication (MFA) everywhere possible. Requiring multiple user authentications before granting access to your network just makes sense, but it only a start. Security best practices are moving from passwords all together in favor of a layered approach that could include a hard token, biometrics or other technologies still on the horizon – all to achieve stronger authentication that cannot be as easily stolen.
Consider zero trust-based security: When your systems and services are built to embody zero trust, you have replaced implicit trust with proof. Just because you are inside a corporate firewall, you don’t trust everything there and the system does not implicitly trust you. Your level of access is based on proof of who you are and what you need to access. Each side of the online interaction, the user and the network, can attest that each transaction is up to date, patched, not vulnerable or compromised, and current. You start with zero trust, and then build trust from there.
At Avanade, we build our systems with zero trust in mind. Depending on the device you are using to access our network, you will have a different Avanade experience. If you are accessing our network from an authenticated workstation and your identity is confirmed, you will have one level of access - the level you need to do your work. If you are logging on from an unmanaged personal, client or third-party machine, you will be treated differently. Today’s security systems, properly configured, do not slow authenticated access or impede productivity. On the contrary, they provide a level of trust in our systems that our users understand and support.
Leverage the power of SAS providers: For those companies who are still managing some portion or all of their network on-premises, it is a burden to keep all components up to date and patched, watch for vulnerabilities and make sure all parts of the system are locked down. Miss one update or patch and your entire system could be vulnerable to online criminals. You can shift that burden to your cloud service provider, leveraging its higher-order services in order to achieve the greater levels of security that today’s digital world requires.
Staying Ahead of Cybercriminals
Staying ahead of online criminals is a never-ending battle. But you can be sure that today’s technology companies are at the forefront of protecting our digital environment. By employing these basic network system protections and remaining up to date on additional security systems and protocols as they are developed, you can make sure your company is deploying the protections required to operate safely, protect your data and foil those who seek to cause your company harm.
Author Bob Bruns is CISO at Avanade. Read more from Avanade here.