How to protect against ransomware attacks? This article looks at a three key strategies you can employ.
What is ransomware?
This video from the BBC explains what ransomware is and how it works.
Ransomware hackers take control of IT systems, steal data and demand a payment from victims to recover.
So what can you do to protect against ransomware attacks ? Experts recommend a “defence in depth” strategy, or multi-layered approach of physical, technical, and administrative controls to safeguard a business from ransomware threats. Below are some of the most effective steps you can take.
Secure your email
Email can be a gateway into your network for ransomware hackers, often by sending an attachment containing malicious software. There are a number of sophisticated email security products available on the market that use AI and other technology to detect, block and protect against ransomware attacks.
Communication and training are also key, so that employees can recognise suspicious emails and know how to respond.
Move infrastructure and applications to the cloud
The cloud offers significant advantages for solving long standing information security challenges.
All of the major cloud platforms operate on the basis of what they call the “shared responsibility model”. From a security perspective the cloud provider takes responsibility for securing certain elements of the technology stack. This frees up IT resource to focus on specific areas of responsibility. Cloud platforms provide a number tools to help customers to better secure their cloud resources.
Move end-user computing to the cloud
If we look specifically at desktop computing, when moved to the cloud, this presents a number of challenges for hackers.
Protocols for connecting to cloud-based desktops typically include an encryption layer designed for secure communication over networks.
User access and authentication can be tightly managed by applying conditional access policies and multi-factor authentication.
With platforms like Microsoft’s Azure Virtual Desktop (AVD), user profiles and applications can be managed in storage containers, kept separate from the operating system and the machine running it. These can be regularly backed up and easily restored in the event of an attack.
AVD also enables centralised management of security updates and patching, which can be challenging and time consuming with physical user devices.
Whilst it is not impossible for hackers to penetrate cloud based systems, it can be made more difficult and unattractive for them to target you. Where an attack is successful, disruption is limited by the fact that cloud based virtual desktops can be quickly rebuilt and restored with minimal user impact.
Secure the endpoints
End user devices are the most vulnerable point in the network. A major benefit of moving Windows to the cloud is that it allows you to use your endpoints as ‘thin clients’. They can be locked down so that data is never stored anywhere on the device, minimising the potential attack surface.
To learn more about endpoint security, take a look at this briefing from Igel that explains how endpoint devices can be turned into ransomware non-targets.
In addition to protecting you from ransomware attacks, with Windows in the cloud and your endpoints secured, a whole range of additional benefits are now open to you. For example, you can now securely allow your employees to use their own devices for work. Check out my blog on how to make BYOD secure.
If you want to minimise your exposure to a ransomware attack, there are a few simple measures you can put in place that will make you an unattractive and difficult target for ransomware hackers:
- Make sure your email is secure
- Put critical infrastructure in the cloud
- Move Windows to the cloud
- Get Windows off of your endpoints and convert your user devices to read-only thin clients
Cognition Cloud can help. We can deliver a full managed service to include all of the above measures. Alternatively, we can offer consulting and guidance to help you implement and manage this yourself, or with your incumbent IT supplier.
Sustainable. Smart. Secure.