Protection against ransomware requires a multi-layered approach through defense in depth, with both preventative measures and recoverability capabilities. Due to the variety of attack methods, there is no single silver bullet that will provide comprehensive protection. As no protection is 100% effective, organizations must ensure they have recoverability capabilities in place for when they are compromised. Hararei can help organizations to implement a comprehensive approach to ransomware protection.
Preventative measures include endpoint protection, perimeter protection and patch management. Endpoint protection is typically provided by anti-virus (AV) products. Perimeter defence is provided by Internet Firewalls/Gateways. Patch Management provides effective distribution of vendor Operating System and application patches.
The first place to protect your environment is at the perimter. For this, Hararei offer the Zscaler cloud platform (Security–as–a–Service). Zscaler Internet Access — Sits inline between your company and the Internet, protecting your enterprise from cyberthreats, stopping intellectual property leaks, and ensuring compliance with corporate content and access policies. Zscaler security capabilities provide defence–in– depth defense, protecting you from a broad range of threats including malicious URL requests, viruses, Advanced Persistent Threats (APTs), zero–day malware, adware, spyware, botnets, cross–site scripting, and much more.
The next layer of defense is Endpoint Protection, for which Hararei offer the Arctic Wolf NextGen Anti–Virus (NGAV) product. This product is a top–rated AI–enabled product which does not require signature updates or endpoint device scanning, but uses Machine Learning (ML) techniques to identify malware. Through the use of AI, Arctic Wolf Aurora Endpoint Defense is able to protect against future virus variants which have not yet been written.
If your endpoint protection is signature–based, you have no Zero Day defense!
Another layer of defense is timely application of vendor and application security patches. Timeliness is key! For patch management, Hararei offer the Action/1 endpoint patching. Autonomous Endpoint Management (AEM) is a modern solution for efficiently managing and securing endpoints at scale. Harnessing automation, data analytics, and AI, AEM minimizes manual intervention, speeds up threat mitigation, simplifies maintaining security posture consistency, delivers compliance assurance and significantly boosts IT team productivity.
No protection can be absolutely guaranteed, so it is important to be able to recover from an attack if the worst happens. Recoverability measures help to recover from Ransomware attacks.
This protection essentially involves maintaining an inaccessible, offline backup of data. Hararei believe this offline copy is best offered in the Cloud, away from your primary dataset, so therefore recommend a Managed Backup service for backups.
Hararei recommend that organizations begin to implement ransomware protection as soon as possible. We have seen many Ransomware attacks, and in most cases, the client was still deliberating which way to proceed. Inaction increases the likelihood of an attack. Hararei recommend commencing with a programme to protect/recover your data in the first phase, and then start to increase preventative controls over time as budget and resources permit.
Contact us for a no obligation consultation or visit us on the Internet at hararei.com