Earlier this month, the White House penned an open letter to all US companies, asking them to take urgent action against the growing threat of ransomware attacks. The letter follows attacks on the Colonial Pipeline and on one of the country’s largest meat supplies, JBS. In these types of takeover attacks, cyber criminals demand payment from a company or organization in exchange for giving them access back to their own system.
There are several steps companies of ALL sizes should take to prevent ransomware attacks, such as backing up their data and segmenting their networks, according to the White House letter. At Velosio, we take cybersecurity seriously and have spent the last few years helping our clients and partners bolster their cyber defenses to not only mitigate ransomware attacks but also increase their cybersecurity.
Business and professional services are among most targeted industries for cyberattacks
According to the NTT Security 2020 Global Threat Intelligence Report, companies in those sectors keep huge amounts of sensitive customer and client data – financial info, tax returns, ID numbers, just to name a few – making them prime targets for cyber attackers.
Firms already at risk due to aging IT infrastructures and vulnerable on-premises systems faced increased pressure from demands for wider connectivity during the pandemic. And those demands aren’t likely to diminish significantly in the near future. With that enlarged demand comes increased risk of undetected cyber-criminal behavior. But the threat is not any less serious across industries.
“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” wrote Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, in the open letter. “But there are immediate steps you can take to protect yourself, as well as your customers and the broader economy.”
At Velosio, we’ve found the best steps companies can take to combat cyber threats is to modernize their operations and take their data to the cloud.
IT professionals, already burdened by a broad (and growing) range of responsibilities for their organizations, are the front line for most companies’ cyber security.
Experts agree that one of the safest places those IT professionals can store important data is in the cloud. Solutions supported in the cloud mean updates are continuous and seamless.
One Velosio client operating an on-premises ERP solution lost decades of data in a weekend cyberattack after delaying maintenance on their servers, including security software. Switching to cloud-based ERP – Microsoft Dynamics 365 Business Central – helped that client and many others overcome challenges stemming from on-premises solutions that lead to data losses or breaches.
The rich portfolio of applications and technologies in Microsoft Azure not only helps companies grow their business, it also includes built-in security. Microsoft 365 and Dynamics 365 come with ransomware versioning and built-in security protections, while OneDrive for Business, Sharepoint Online and Teams also have version control and standard ransomware protection for enterprise. And Azure offers off-site backup protection.
Compromised credentials is the top attack vector for malware and ransomware. Another way to help detect and prevent cyberattacks is my implementing multi-factor authentication (MFA), where the user approves a login by using code sent often sent to an app or in a text. MFA can greatly reduce the chances of cyber attacker from getting inside. And a good alert policy like that can help security administrators change the setup to prevent future attempts.
Velosio provides a free assessment to help you understand your company’s level of security. With that knowledge, you can begin to configure the right solutions for your organization – helping reduce your security risk.