Ransomware Protection

How are you Dealing with Ransomware?

There are security measures that your organization can put in place to address Ransomware to ensure your data and intellectual property is protected.

A successful security strategy encompasses layers of tools throughout the network to address Ransomware. Some of the layers that MUST be addressed are as follows:

  • Tools for email flow via Target Threat Protection (email¬†link sandboxing) and Impersonation Protection
  • Vulnerability Scanning software throughout the network that addresses odd and uncharacteristic activity
  • High-end antivirus software on each desktop and virtual/physical server that is constantly scanning for these sorts of items and has the ability to stop it at the notebook/workstation layer
    • Automated malware removal
    • Centralized ransomware file protection
    • Real-time antivirus and anti-malware protection
    • Cloud-based management console
    • Central integration
    • Synchronized Security Heartbeat
    • Application control
    • Web control and URL blocking
    • Deep-learning malware detection
    • Root-cause analysis
    • Exploit prevention
    • Active adversary detection and prevention
    • Endpoint detection and response
    • Guided investigations
    • Deep-learning malware analysis
    • Endpoint Isolation
    • Live Discover SQL queries
    • Live Response command line interface
  • Commercial-grade firewall that has the ability to immediately drop off any notebook/workstation from the network so it does not infect other systems
  • Have a Point-in-Time Backup Solution in production so that you can restore at a certain time prior to Ransomware taking hold
  • Have a Back-Up Solution in production built to restore on-premise under an agreed-upon timeline (4 to 12 hours) in a bare-metal restoration situation
  • Quarterly Training: Leverage a quarterly Service w/bva that sends fake Ransomware emails to your staff, once identified, provide virtual training that must be completed

The following partners assisted bva in making this layered security approach: