|
Yesterday another massive cyberattack hit businesses around the world with the spread of the Petya Ransomware virus. The Danish transport and energy firm Maersk has confirmed that its computer systems are down across multiple sites due to the attack, and many other businesses are affected. This is just a few weeks after the WannaCry attack that crippled businesses world wide. We expect the attacks to increase over time, and its important to know the safeguards needed to help protect your business.
There is no such thing as 100% security, but if you're on a managed support plan with us, there are several safeguards we include in your plan:
- Security updates. These are tested, deployed and monitored. We get alerted when a system falls behind. VERY IMPORTANT: Reboot systems a minimum of once a week. Often laptop users merely hibernate their systems. Many security patch updates require reboots, and many patches are also sequential, meaning that you won't get the next update until the first one completes. Our team is actively monitoring alerts and you may receive a call from our office.
- Antivirus, Anti-malware, DNS security: Your licenses are all included in your plan with us, and we monitor for updates. There is no single license or product that will protect you. The key to protection is LAYERS of security.
There are several other strongly recommended layers of protection:
- Business Class Firewall. We strongly recommend a BUSINESS CLASS firewall, and most, but not all Ekaru clients have complied with this. If you are just relying on the generic firewall installed by your Internet Service provider, you are exposing your business to extra risk.
- eMail Security: If you're not currently protecting your email with security filtering, we strongly advise adding this layer of protection. eMail is one of the most common attack vectors, and all your systems should be protected.
-
Guest Network: Don't allow systems that aren't protected on your network. Get systems covered, or use a separate guest network if you allow BYOD (Bring your own device) at your site.
- User Training: This is required by the MA Data Security Law and other industry specific regulations. Do your users know how to recognize a phishing email? Do they know what to do if they suspect they have a Virus? Some reports estimate that 95% of breaches occur due to human error. We provide a lot of information on our Twitter and Facebook pages (follow us for updates), as well as recordings of our recent training webinars on our website. We also advise that you consider a more formal training program for your users, which is new this year.
If you have any questions or concerns, or if you want to talk to us about your support plan or getting on a support plan, please call us at 978-692-4200, or email [email protected].
|
