Effective security is like an onion

There will always be a “buzz word” on the lips of everyone within the IT Industry, and this year has been no exception. With outbreaks such as WannaCry and Petya ransomware, we’re more than equipped with topics of discussion with colleagues and customers alike. The struggle we face is the fact that cyber criminals are always one step ahead of the latest technology. There is no fool proof method to protect ourselves against threats.

We all dread the thought of opening our laptop in the morning to be faced with a screen advising all our personal, precious or business critical files cannot be accessed unless we pay a ransom. However, this can have varying affects depending on the severity of the attack or the size of the organisation we work for, as to whether we can afford to pay the ransom or indeed if we do, what state the encrypted files will return in.

The latest report from Osterman advised that 22% of organisations had to cease business operations immediately because of ransomware. Which begs the question, what steps could or should they have taken to prevent this?

With cyber criminals being ever adaptable and increasingly knowledgeable, there is unfortunately no one size fits all approach for businesses. The best approach businesses can take to protect themselves is to “layer up” your defence system.

  • A fully updated and patched operating software which helps keep the network secure.
  • A firewall that includes IP whitelists, blacklists and port security. Acting as a boundary between the outside world and the internal network.
  • Anti-Attack software which includes anti-exploit, anti-spam and anti-phishing technology. Anti-exploit technology which disables attacks before they can intrude the system.
  • Ensuring users and admins keep all applications updated. Internet facing applications like Flash and Java leave networks vulnerable if they aren’t patched.
  • Anti-Malware protection which targets zero-hour threats and cleans infections. Can also protect against PUPs (potentially unwanted programs) protecting users from spamming or draining resources.
  • Traditional anti-virus which will protect from viruses, trojans and other known threats.

In short, we need to take as many steps as possible to keep the criminals at bay. As after all, prevention is better than the cure.