It may be a little premature to determine whether 2018 will be a better or worse year than the last in the world of cybersecurity.
Regardless of the trends, we can be confident that viruses, ransomware, and other types of malware will continue to be a major threat to all types of businesses.
Protecting your customer data, keeping operations flowing smoothly, and reducing the risk of having to make a catastrophic ransomware payment are just a few reasons that preventing malware attacks is so important. In addition to having proper virus protection and firewalls in place, here are eight steps you can take to protect your network from malware attacks and minimize the damage if one occurs.
Backup, backup, backup
Even if you do everything right, there’s no way to 100% guarantee that your network will remain safe from malware. Ransomware continues to be a big business for cybercriminals. Between the bad guys’ financial motivations and the realities of human error, it’s always best to start by being prepared for the worst case scenario. Regular, secure backups of your most critical data are the way to achieve that.
Don’t just rely on compliance
\An all-too-common mistake by IT professionals in highly regulated industries is to think that if the business is compliant, it’s secure. Meeting requirements like HIPAA or PCI will help you avoid fines, but they’re not comprehensive enough to adequately protect you from malware threats.
It’s important to know exactly how secure you need to be by getting a better baseline assessment of your security needs than the regulations give you. See how secure your network needs to be.
Invest in the right monitoring tools
The right monitoring tools for your business won’t just help you stay on top of your operational performance—they’ll also keep tabs on the performance of your anti-virus applications and firewalls. Plus, good tools can monitor for potentially suspicious activity on the network so that if a breach occurs, you have a chance to stop it before it spreads or does too much damage.
Reset default passwords and settings
When implementing new devices, always reset default passwords and the default IP range, lest your network be tricked into connecting to another network within the same range.
Stay on top of patches and updates
You might be getting tired of hearing this, but we can’t help but issue a reminder to keep current with patches and updates to fix critical known vulnerabilities. Security experts don’t constantly remind you about patching because they think you don’t know this. They do it because they know how busy you are, and how easy it can be to put off the simplest security measures when more immediate-seeming network management needs are on your plate.
Implement network segmentation
In a perfect world, you would be able to put in force the strongest security measures for your entire network. Since that’s not reality, good network segmentation can help you maintain stronger measures where they’re needed most.
Segment the most critical parts of your network. This will keep them protected from potential breaches that find their way through other entry points, and help you manage your sanity by tailoring security measures to the level of risk a given segment can tolerate.
Minimize and manage connections to outside networks
If you’re working with outside contractors and vendors, give them access only to the network segments they need to do their jobs. The same goes for employees who may be connecting to your network from locations outside of your LAN. Strong security training and policies are a must for remote employees.
Invest in regular penetration tests
A best practice is to hire an outside firm to conduct penetration tests of your network at least annually. Ideally, these will test the ability of a hacker to breach your network from the outside and from the inside.
Following the tests, schedule plenty of time to review your vendor’s reports with them and with all your internal stakeholders, especially those without a strong technical background. These reviews are a critical step to helping you prioritize your security measures going forward. You’ll want buy-in on those measures from everyone with an operational or budget-related stake in the game.
We’re not trying to scare you, but we do want to help you keep your company out of the cybersecurity breach headlines.
Mitigate the risk of a serious malware attack on your organization through proper backups, a solid security assessment, the right hardware and software tools, and adequate policies, trainings, and tests.