There are security measures that your organization can put in place to address Ransomware to ensure your data and intellectual property is protected.

A successful security strategy encompasses layers of tools throughout the network to address Ransomware. Some of the layers that MUST be addressed are as follows:

• Tools for email flow via Target Threat Protection (email link sandboxing) and Impersonation Protection
• Vulnerability Scanning software throughout the network that addresses odd and uncharacteristic activity
• High-end antivirus software on each desktop and virtual/physical server that is constantly scanning for these sorts of items and has the ability to stop it at the notebook/workstation layer
  • Automated malware removal
  • Centralized ransomware file protection
  • Real-time antivirus and anti-malware protection
  • Cloud-based management console
  • Central integration
  • Synchronized Security Heartbeat
  • Application control
  • Web control and URL blocking
  • Deep-learning malware detection
  • Root-cause analysis
  • Exploit prevention
  • Active adversary detection and prevention
  • Endpoint detection and response
  • Guided investigations
  • Deep-learning malware analysis
  • Endpoint Isolation
  • Live Discover SQL queries
  • Live Response command line interface
• Commercial-grade firewall that has the ability to immediately drop off any notebook/workstation from the network so it does not infect other systems
• Have a Point-in-Time Backup Solution in production so that you can restore at a certain time prior to Ransomware taking hold
• Have a Back-Up Solution in production built to restore on-premise under an agreed-upon timeline (4 to 12 hours) in a bare-metal restoration situation
• Quarterly Training: Leverage a quarterly Service w/bva that sends fake Ransomware emails to your staff, once identified, provide virtual training that must be completed

The following partners assisted bva in making this layered security approach: