The Datamax Thinking Blog

Educating, collaborating, and sparking ideas for maximizing the technology that matters.


7 Trustworthy Steps in Avoiding Ransomware, Phishing Scams

blog_ransomware_belayer_2

Organizations today need an IT strategy that acts as a belayer, a trusted entity of support to prevent malicious attack. 

Rock climbing is an endeavor built entirely around trust: Trust in your belayer.  Trust in your equipment.  Trust in the terrain surrounding you. And, of course, trust in yourself.

Likewise, your organization’s online security often comes down to a matter of trust. But trust in this manner should never be earned without scrutiny, verification and due diligence.

Modern day attacks, from socially engineered to phishing email scams, are built entirely around the art of deception. Two notable phishing scams illustrate online attackers using trusted brands as a means to infiltrate networks. One involved posing a Google Docs request, in which people clicked a link within the email and the hacker was able to access all their emails, contacts, as well as send and delete emails within accounts.

The second? Pay Pal accounts were targeted with a highly sophisticated scam that asked people to take a selfie while holding credit cards and a form of identification.

Why were these attacks successful? Because people immediately trusted the emails they received. By leveraging logos and the powerful brand recognition of both Google and Pay Pal, victims were caught off guard and their confidential information infiltrated.

Protecting your business from ransomware is not a single-prong approach. Being able to mitigate or prevent attacks takes an agile, multi-layered process involving both end users and executives alike.

Organizations today need an IT strategy that acts as a belayer, a trusted entity of support to prevent malicious attack. 

Here are 7 Trustworthy Steps in Avoiding Ransomware and Phishing Attacks

1. Patching

The most basic layer of protection is to monitor and patch all computers and applications. With the latest patches, your technology provider can address all known OS Security vulnerabilities.

Patching provides the most basic layer of protection to operating systems, especially once a security flaw is uncovered. Make certain that your internal IT team or technology provider utilizes the latest patches to ensure your operating systems are running at peak performance and that all system vulnerabilities are addressed.

2. Anti-virus and Network Monitoring

People are being targeted through more sources than ever – email, ad networks, mobile applications and devices.

Anti-virus and network monitoring examine all files and traffic, and filters them against all known threats. A robust anti-virus solution keeps virus definition files updated to protect these systems.

3. Backup and Disaster Recovery

There is sometimes a gap between when a threat is first introduced and when notification is received to develop a remedy. Your technology provider should do a full-system backup to protect your back-office systems.

This enables them to stay on top of things when an attack occurs, and provide a recovery option for unknown threats and even the most catastrophic failures.

4. Endpoint Backup

Although a layer of protection exists on your back-office systems, you still need to have a backup and recovery of data for devices.

These devices create, share and store business data, and if a cyber criminal captures this proprietary and sensitive information, it can have a significant impact on business productivity and profitability.

Ask your technology provider to do a real-time backup on these endpoints to prevent business-critical information from being compromised.

5. Secure File Sync and Share

A trustworthy technology partner allows your employees to collaborate securely from any location and using any device – smartphones and tablets included. Using enterprise-grade, secure file sync and share solution, you can grant access and editing controls for specific documents, such as Word documents, Excel spreadsheets and PowerPoint presentations, an your employees can recover documents that are maliciously or accidentally deleted.

6. Education and Awareness

This is perhaps the most important step in the process – creating awareness about these threats.

Ask your technology provider about available training and educational materials to help you educate employees about cybersecurity risks, new ransomware strains and best practices for spotting phishing attempts, suspicious emails and other security risks.

Empowering them to be proactive and encouraging them to report questionable content using rewards and incentives will help increase awareness and decrease overall risk.

7. A Belayer

A trusted technology partner serves as your belayer:  A team that  can provide an exhaustive view of your existing security landscape, improve overall technology management, and enhance your technology infrastructure. 

Speaking of trust: Do you trust your IT team or technology partner to act as your belayer, in case of a fall?  Are you empowered with the right tools to ensure that your sensitive data is safe from ransomware or phishing attacks? If not, let's visit.

schedule your technology assessment today!

SOURCE: Datto

Topics: Managed Network Services Network Management Network Security Cybersecurity