Virtualization Technology News and Information
Protecting Your Organization Against Ransomware: 5 Essential Components Of A Data Protection Plan

In light of the near daily reports of ransomware attacks in the US and abroad impacting companies of all sizes and in every industry, cloud-based data protection company Infrascale has created an e-book detailing the five essential components that should be a integral part of every C-Suite's ransomware protection plan.

"It is apparent that companies suffer significant losses as the result of data loss due to cyberattacks," explained Infrascale CEO, Russell P. Reeder.  "However, they also suffer from loss of future business as we are seeing with the recent Accenture cyberattack.  In addition to having threat detection and remediation plans in place, it's imperative for companies of all sizes to have an active backup and DR plan and to consistently revisit/revise that plan to help them get back up and running quickly after a breach.  This crucial aspect of the cyber security process enables companies to avoid lengthy shutdowns and loss of business."

Here are the 5 Steps:

  • Step 1: Identify 
    • Understand the scope of your assets, systems, data, people, and capabilities. Consider the risks to your organization, and the specific impacts of different systems being rendered inoperable. Determine your approach through an analysis, weighed against the desired risk tolerance of your business.
  • Step 2: Protect
    • Create safeguards that incorporate all the ways your business operates - they must be appropriately sized, based on the assessment and risk tolerance you conducted in step 1:
      • Create Safeguards: A crucial cybersecurity tenet, least privilege means giving people only the permissions they need to get their job done. Role-based access controls restrict system access to authorized users, and further restricts what each user can access. Systems as well as users should both have least privilege. 
      • Minimize Risks with Controlled Access
      • Secure Endpoints
      • Backup Data: Every organization needs a comprehensive backup and disaster recovery solution. Disaster Recovery as a Service (DRaaS) is a service model that provides backup and recovery via the use of a third-party cloud environment, whereby all of the disaster recovery functionality, including orchestration, are provided as-a-service. Be sure your recovery plan also includes backup for the data in your SaaS applications, endpoints, and servers
      • Conduct Drills
      • Educate Employees
  • Step 3: Detect & Continually Improve 
    • Implement the appropriate actions to identify abnormal or malicious activity in your environment
      • Monitor Constantly: Anomaly detection can provide early warnings, enabling companies to quickly isolate a ransomware infection, revert to a clean backup, and recover important data before the entire network freezes
      • Endpoint Detection and Response (EDR): As bad actors continually adapt their attack techniques, they can be successful in circumventing AV software. This is where EDR can help by looking for bad behavior and alerting the end-user or administrator. Earlier warning of infection increases response time to stop the spread of the infection -and better yet - illuminate the exact timestamp of infection so that the exact recovery point is known.
      • Continually Improve: Info security programs must be continually amended and updated.
  • Step 4: Respond 
    • Develop and practice an incident response program within your organization that can be activated to help contain the impact of security events
      • Determine When It Started
      • Minimize Damage: Identify, isolate, and remove the infected computer(s). Disconnect from the network immediately, so ransomware cannot spread to shared drives and connected systems.
      • Inform employees: Ensure that all employees are aware that a ransomware attack is in process and direct them to the procedures needed to protect data. Provide a timeframe for restoration of affected systems.
  • Step 5: Recover
    • Build a cyber resilience program
      • Restore the Data: Look for solutions such as Infrascale Cloud Backup (ICB) that are easy to deploy, install, and manage directly from one unified console
      • Prevent Reinfection:  Ensure complete removal of the ransomware to avoid a continuous infection cycle.
Published Wednesday, August 11, 2021 12:52 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<August 2021>