How to implement cyber security protection against ransomware
Effective cybersecurity is a combination of robust tools, effective processes, and relevant user education. All of these depend on engaged and informed management. With that in mind, here is a quick guide on how to implement cybersecurity protection against ransomware.
Choosing the right tools for the job
Modern IT security is largely based on using tools to monitor a system and setting out processes to guide responses to any alerts they produce. This means that the beating heart of any cybersecurity system is an effective anti-malware product with an integrated firewall.
In principle, you can buy these as two separate products, but in practice, there has long since ceased to be any real argument for doing so. These days, the performance of combined products is every bit as good as the performance of separate ones. They also tend to be much more cost-effective and more straightforward to implement.
Most companies should give preference to cloud-based malware tools. Firstly, these are updated by the vendor, so there’s never the need to manage local downloads and installations. Secondly, the fact that so much work is done on the back end means that there is much less of a load on local devices. This is useful not just for lower-specced computers but also for mobile devices, which also need to be protected.
Setting out effective processes
When it comes to setting out effective processes, the golden rule to remember is that while principles often stay the same, if not forever, then for a very long time, practices are usually in a constant state of change. This means that processes cannot just be “set and forget”, they need to be checked for success (or otherwise) and updated as necessary.
For example, at present, all companies need to manage updates for the operating systems they use, and any companies which still use downloadable software will need to manage updates for that too. This means that there needs to be a process in place to make sure that happens (because it is absolutely vital to security). There also needs to be checks in place to confirm that the process is working (for the same reason).
If there are necessary processes that you can’t make work with your internal resource, then the pragmatic (and convenient) solution is to get managed IT services providers to do the work for you. This works very well for many companies, just remember that, per the above point, these contracts are not “set and forget” either, they need to be reviewed periodically to make sure that they reflect developments in the IT landscape in general and your business in particular.
In the early days of IT, a lot of security was based on the idea that you could educate users to look out for themselves. To a certain extent, this is still true. The challenge is that there are now so many threats that even cybersecurity professionals can’t rely on their memories to know how to identify and deal with each of them. It’s unfair, unreasonable, and unsafe to expect regular employees to do so.
This means that the pragmatic approach is to educate employees on what they must do and, as far as possible, explain why. There are generally two areas on which most companies should concentrate their efforts. The first is social engineering and this needs to include training on how to handle social engineering attacks involving phones, particularly if you are using (or planning to use) video-conferencing. This can offer extra, visual clues which can make life easier for cyber attackers.
The second is the company processes they are required to follow. There are three challenges here. The first is breaking these processes down into simple points so people can remember what they need to know on a day to day basis and easily understand anything they need to check when they do something unusual. The second is making sure that people are reminded, gently, of what these policies are and why they matter and the third is managing changes to them, especially unwelcome changes that might be resisted.
Usually, the most effective way to deal with all of these challenges is a combination of clear documentation and regular communication, backed up by consistent enforcement. Consistency is important. You cannot ignore employees doing what they shouldn’t (deliberately or accidentally) and then suddenly start enforcing the rules with a heavy hand. If you know you’ve been lax about enforcement, you need to own the fact, warn people that enforcement is about to start getting serious, and then start being firmer.
Please click here now to start your free 30-day trial of Comodo AEP.