Earlier this month, TechRepublic posted an article reflecting on a new report from Sophos. It included eight tips to combat hackers’ ever-evolving tactics to gain ransom payments. (Tactics being: threatening to release the data, gathering/releasing employees’ personal data, changing passwords, deleting backups, etc.) Thankfully, all of their tips are addressed when Partners Plus is your business’ IT support.
- Set up a training program for your employees to help them recognize the kind of emails that attackers use and the demands they might make as part of a ransomware attack.
Our response: Within our IT Outsourcing Services Security Package, we train and test employees for security awareness and susceptibility to phishing attacks. Additionally, we give them the ability to independently report phishing emails.
2. Establish a 24-7-365 contact point for your employees to report any suspicious activity on the part of a potential attacker.
Our response: We ARE the 24-7-365 IT consulting contact point for you and your employees. Our Silver and Gold members can call us whenever to tackle problems that arise. For all clients during business hours, our average response rate is within the hour. We aren’t just another vendor, but your business partner, oftentimes helping you make business decisions and conversing with your other vendors.
3. Implement a process to scan for possible malicious insider activity, such as employees who try to gain access to unauthorized accounts or assets.
Our response: We scan Internet downloads, files, and emails for malicious material via firewall and anti-virus.
4. Constantly monitor your network security and note the five early signs an attacker is present to thwart ransomware attacks before they do damage.
Our response: With our IT services Security Package, we monitor your network and Office 365, 24-7-365. This allows us to catch security issues swiftly since 90% of attacks happen off-hours.
5. Disable any instances of internet-facing remote desktop protocol (RDP) to prevent attackers from accessing your network. If employees need remote access to an internal system, put it behind a VPN or a zero-trust connection and be sure that multi-factor authentication is in effect. We highly recommend each work laptop have a companion desktop in-office or the usage of an RDS.
Our response: We have Best Practices in place for working remotely, both for our team and our clients. We utilize a VPN, operate from a zero-trust mentality, and enable two- or multi-factor authentication wherever possible.
6. Regularly back up your critical data and keep at least one backup instance offline. Adopt the 3-2-1 method for backups. That means backing up three copies of the data using two different systems, one of which is offline.
Our response: We back up your network and Office 365 on an optional hourly or daily basis, including an offsite location. On top of that, the backups are locked up with separate credentials.
7. To stop attackers from disabling your security, turn to a product with a cloud-hosted management console that offers MFA and role-based administration to restrict access.
Our response: Within our Security Package, we offer a team-based password manager and generator. It implements 2FA with ease! We also don’t allow users to be admins on the network or their workstation, nor grant them access to share drives they don’t need for their role.
8. Set up an effective incident response plan and update it as needed.
Our response: With Partners Plus as your IT services company, we can navigate any storm. Additionally, if you have our Security Package and receive a high score on your last Business Review, we guarantee free support if you still suffer a ransomware attack!
Ready to be proactive with your company’s security? Contact us now!