Ransomware Protection

How are you Dealing with Ransomware?

There are security measures that your organization can put in place to address Ransomware to ensure your data and intellectual property is protected.

A successful security strategy encompasses layers of tools throughout the network to address Ransomware.  Some of the layers that MUST be addressed are as followed:

  • Tools for email flow via Target Threat Protection (email link sandboxing) and Impersonation Protection
  • Vulnerability Scanning software throughout the network that address odd and uncharacteristic activity
  • High end antivirus software on each desktop and virtual/physical server that is constantly scanning for these sort of items and has the ability to stop it at the notebook/workstation layer
    • Automated malware removal
    • Centralized ransomware file protection
    • Real-time antivirus, anti-malware protection
    • Cloud-based management console
    • Central integration
    • Synchronized Security Heartbeat
    • Application control
    • Web control and URL blocking
    • Deep-learning malware detection
    • Root-cause analysis
    • Exploit prevention
    • Active adversary detection and prevention
    • Endpoint detection and response
    • Guided investigations
    • Deep-learning malware analysis
    • Endpoint Isolation
    • Live Discover SQL queries
    • Live Response command line interface
  • Commercial grade firewall that has the ability to immeditatly drop off any notebook/workstation from the network so it does not infect other systems
  • Have a Point-in-Time Back Up Solution in production so that you can restore at a certain time prior to Ransomware taking hold
  • Have a Back Up Solution in production built to restore on-premise under an agreed upon timeline (4 to 12 hours) in a bare-metal restoration situation
  • Quarterly Training: Leverage a Quarterly Service w/bva that sends fake Ransomware emails to your staff, once identified, provide virtual training that must be completed

Partners that assist bva in making this layered security approach happen: