One of the most devastating threats which hit small and mid-sized businesses is ransomware. And even when your organization is well-funded and your IT professionally managed you can (and will) be attacked. How successful these attacks are is dependent upon planning, preparation, and practice.

Recent attacks:

Jackson County, Missouri local government declares state of emergency (article - BreachToday)

FBI busts Lockbit cyber gang (video - CBS News Chicago)

Malware in the manufacturing sector (article - The Register )

Tulsa hospitals attacked with ransomware (article - Tulsa World )

Remember the following:

• Focus on the use of best practices for cybersecurity in your environment

• Your endpoint protection has settings recommended by its manufacturer - update these quarterly. NEVER depend upon default settings…your IT staff should be able to show you their best practices checklist. Take a few minutes to learn more about how they are using this protection capability!

• Your remote monitoring should be set to detect new devices and to auto-install your antivirus/endpoint protection. Your system should reflect any discrepancies in real-time

• Email accounts for roughly 75% of ransomware threat…best practices configurations should be used in email security, and you should have an ongoing cybersecurity and phishing awareness training program for all your users

• Be aware that your supervisors and senior leaders often are the biggest opportunity for attackers (highest access levels, least likely to participate in cyber training, some of the highest email volumes)

• All email systems and antivirus management should require the use of multi-factor authentication for system admins

• Access to key systems should require the use of multifactor authentication for ALL users!

• Use of any private email (Gmail, etc.) should be prohibited in the business place

• Identify the locations of ALL of your key business data: operations data, accounting, HR, proprietary design data, business planning, email, etc.

• Verify how all of your business data is currently being backed up

• Your backups and their procedures must be documented as how quickly each repository can be restored if it were destroyed

• Protect your backup repositories…these should be encrypted and should require mutlifactor authentication to access. In addition they should be replicated offsite via encrypted traffic and the offsite repository should be encrypted

• Perform periodic practice recoveries of key repositories local to your environment and ensure the process is documented in WRITING. If you are unsure then observe the process with your IT team

• If you are potentially reliant upon offsite backups, the same guidance goes. Practice restores are essential to ensure that knowledge and procedures are refreshed. Document practice restores

The practice of continuously “hardening” your environment and strengthening your users is crucial to successfully protecting your business! Contact Dolce Vita IT Solutions LLC at 405-348-1192 to find out how we protect businesses!