“If your business’ information is compromised do not pay the ransom. Instead, we recommend immediately removing the device from the internet and network to prevent the malware from spreading to other devices."
Omaha, Neb. (PRWEB) May 30, 2017
The recent WannaCry virus cyberattack has left many businesses re-evaluating their security and privacy policies and procedures to avoid falling victim as the attack continues to spread and replicate.
First National Technology Solutions (FNTS), a highly compliant, highly secure, nationally recognized leader in managed IT services, has expertise in information security and risk mitigation and offers tips for organizations looking to protect their data online.
“One thing businesses can do to try to avoid becoming the victim of a cyberattack is frequently patching their operating systems. A patch is a piece of software used to upgrade or fix a problem or a bug within an operating system,” said FNTS Director of Information Security Robert LaMagna-Reiter. “Microsoft published the main patch in March. FNTS pushed clients through its patching program sooner than it normally would have, since there were more recent vulnerabilities that were threatening security. Having a scheduled patching process can help protect a business from security threats.”
Businesses looking to review their security should take the following steps:
- Make sure all software is up-to-date on a regular basis.
- Frequently patch operating systems as soon as updates are available.
- Educate employees about malicious content and how to identify and avoid it.
- Limit employee access to resources that aren’t necessary for daily workflow.
According to LaMagna-Reiter, user education also is extremely important, since WannaCry is spreading largely through phishing e-mails, in which users must open an e-mail and click on a link or open a malicious attachment. Giving employees less access to resources that aren’t necessary in their daily workflow also could limit the spread of malware. The malware encrypts and spreads with the permissions inherited from whomever runs the malware.
“If your business’ information is compromised do not pay the ransom. Instead, we recommend immediately removing the device from the internet and network to prevent the malware from spreading to other devices. Then, contact your information security team. Infected devices will need to be restored from their last-known working back-up. After the devices are restored, employees should change their login credentials. Before devices are reconnected to the network and internet, they should be updated or patched as much as possible to prevent the virus from infecting it again. Businesses also should ensure that their anti-virus definitions, IPS signatures and other protection features are up-to-date,” LaMagna-Reiter added.
Tips for Detecting and Avoiding a Security Incident
- Align your security controls with the risk and impact to your organization and prioritize your responses and resources.
- Rely on your security automation services. Manual investigation should be used to augment existing alerts.
- Join forces with trusted third parties, internal staff, law enforcement and security tools.
- PATCH! Keep systems up-to-date and replace assets that cannot be patched or updated.
- Watch and recognize patterns while monitoring for vulnerabilities and attacks; utilize behavior analytics and trust your instincts.
- Remember, security must move as fast as your technology adoption and integration. As technology changes (IoT, big data, digital initiatives) so must your security strategy. Security should be part of the process – not an add-on.
- Educate staff and regularly reinforce training.
Suspect an incident? Know what to do next.
- Report the incident immediately to your IT security staff to determine its validity.
- Do not destroy or tamper with any evidence. This could inhibit the investigation and put you at risk for becoming non-compliant.
- Focus on the entire attack, since hackers attempt to operate and remain off the radar.
- Dig deep, investigate and take a holistic approach.
- Monitor all systems during an incident. Attackers mask motives through varying attack points.
- Act quickly and diligently. Once an incident is confirmed, activate the incident response team.
- Identify how the incident occurred, determine what was affected and prevent it from occurring again.
FNTS is available to consult businesses regarding their security and privacy policies. Businesses can email info(at)fnts.com or call 800.820.6924.
About FNTS: With over 20 years in the managed IT services industry, First National Technology Solutions (FNTS) is a leading provider of flexible, customized hosted and remote managed services. Specializing in best of breed cloud technology and data center services, FNTS is dedicated to quality personal service, guaranteed uptime, and custom-built solutions that fit individual enterprises today, and align with their future strategic growth plans.
Built on stability and fueled by innovation, FNTS partners with the world’s most respected technology companies including VMware, EMC, IBM and Microsoft. For more information about FNTS, visit http://www.fnts.com or follow us @FirstNatTechSol.
Headquartered in Omaha, Nebraska, FNTS is a wholly owned subsidiary of one of the Midwest’s largest privately held financial holding companies, First National of Nebraska. First National of Nebraska has grown into the largest privately owned banking company in the United States. First National and its affiliates have $20 billion in assets and 5,000 employee associates. Primary banking offices are located in Nebraska, Colorado, Illinois, Iowa, Kansas, South Dakota and Texas.