Get started Bring yourself up to speed with our introductory content.

Protection from ransomware: A checklist for continuity

Protection against ransomware can save a business money and time in the event of an attack. It's critical to plan ahead with BC/DR and security work.

Among the biggest concerns in information security today is ransomware, where malicious code embedded into a system...

prevents users from accessing data unless a ransom is paid. From a business continuity perspective, this represents a major risk to organizations of all kinds.

An inability to access critical systems and data, or the threat by the perpetrator to publish confidential data, can damage an organization's ability to conduct business and, more importantly, damage its reputation and competitive position.

Taking a page from information security and business continuity playbooks, the following tips on protection from ransomware will help your organization defend its data.

Implement comprehensive backup

Identify the electronic systems, data and other intellectual property your organization needs to operate, and the loss of which could damage its reputation. Ensure these assets are securely backed up and stored in another location so they can be retrieved in an emergency.

For systems and data that change dynamically during the day, perform multiple daily backups using techniques such as data mirroring and replication to ensure the most current assets are available.

Stop ransomware before it starts

As your network perimeter is the most likely entry point for malicious code, ensure it is protected with as much intrusion detection and prevention equipment as possible.

A multi-element defense-in-depth security strategy is an effective method of protection from ransomware. For example, Barracuda Networks offers a number of products, such as Advanced Threat Protection, to increase your chances of survival from ransomware and other threats.

In addition to your network perimeter, malicious code can enter your organization through several threat vectors, such as email attachments, remote access, web-based applications and smartphones. Work with your IT teams to prevent unauthorized access via technology.

When we consider individual employees as threat vectors, perhaps the most effective protection from ransomware is education. Develop and conduct training programs that explain potential threats to the company, including ransomware. Provide awareness reminders through the company intranet, email or an automated emergency notification system.

Social engineering, widely considered an effective way to breach security, can be mitigated through training and awareness programs. Provide similar training and awareness to your remote workforce.

Stay up to date

From a technology perspective, keep your security systems up to date with the latest software, hardware and patches. Do the same for your operating systems, applications, databases and network elements. Ensure your firewalls have the most current rules in place and make sure the same is true if you use intrusion detection or intrusion prevention systems. As often as possible, scan email boxes and applications for vulnerabilities and provide patches as needed.

Plan ahead and test

Validate your perimeter's defenses through penetration testing. Test your internal networks for potential vulnerabilities. Conduct regular tests of security software to ensure it is performing properly.

Provide status reports to senior management -- perhaps in the form of a scorecard -- describing what is being done to keep up with protection from ransomware and other threats. Keeping management informed will ensure they understand and support your efforts; it can also lead to continued funding to keep your preventive measures operating properly.

Update your business continuity (BC) and technology disaster recovery (DR) plans to include ransomware and similar threats, as well as how such an event should be handled. Coordination with physical security and information security teams is essential to minimize damage to the organization and its IP assets.

Schedule periodic joint meetings of BC/DR and security teams to discuss information about new threats and new technology to mitigate threats, share information and plan for joint exercises.

Effective protection from ransomware and other information threats requires not only a comprehensive and multilayered security strategy, but close coordination among BC, DR and security teams.

Next Steps

Plan your ransomware recovery strategy

Offline backups are key to recovering from attacks

Endpoint backup protects against ransomware

This was last published in October 2017

Dig Deeper on Disaster recovery planning - management

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How confident are you in your organization's ransomware protection?
Cancel

-ADS BY GOOGLE

SearchSolidStateStorage

SearchCloudStorage

SearchDataBackup

SearchStorage

Close