Defending Your Data Against Malware, Ransomware and Other Cyber Threats
It’s something every company knows -- the protection of data and personal company information is of the utmost importance. But as the way we store data changes and the ever-evolving cyber threats get more advanced, information security should be doing the same, and here’s why:
For years, data has been stored in large servers and local storage devices. And while that may still be the case for a lot of companies today, many have moved critical data into cloud storage. Cloud storage gives users a wide range of benefits, including increased accessibility to files -- particularly for mobile devices -- cost savings and even a disaster recovery plan.
But typically, cloud data storage simply acts as a way for people to store information online without concerning themselves with the technical details of how and where the data is actually stored. And while cloud storage may have its benefits, it also opens companies up to potential security and privacy issues that don’t exist in a local storage environment.
As you probably know, the use of virtualization in cloud infrastructure introduces additional risk if not secured and managed properly by the cloud provider. Since virtualization changes the relationship between the operating software and the underlying hardware, end-to-end visibility becomes more essential than ever.
If the hypervisor is not properly configured, managed and secured, the number of virtual machines on the host multiply the risk. It is critical that the cloud service customer understands the management processes, security controls and notification procedures of the cloud service provider. Because all it takes is one simple phishing attack on an employee’s laptop or cell phone to untimately lead to a data center breach.
Whether you’re utilizing cloud storage or not, your data is still susceptible to advanced cyberattacks, like ransomware or malware.
While you’re probably familiar with malware, ransomware is a fairly new tool used by hackers, where once they get their metaphorical hands on your files, they encrypt, lock and hold them ransom until you decide to pony up the cash to unlock them.
Some companies have paid the ransom and received their data. Others have paid and received their data only to be ransomed again by the same hackers. Can you trust your data being held hostage? The best answer is not to have to ask.
So how exactly do you protect your data?
Prevention and Detection Tools
Detecting and preventing malware can be a tall task, especially with the visibility challenges posed by virtualization. Malware -- including ransomware -- is purposefully designed to evade detection, and defeating it requires specialized tools and solid processes. So we’ve listed some of the best below:
- Endpoint Security- Allows you to protect almost any type of device -- whether it’s an employee’s cell phone, tablet, or laptop -- connected to a protected network or surfing the internet. With endpoint security, you’ll get the visibility necessary to prevent breaches, and if something does get in, you can quickly detect, contain, and remediate any malware before damage is done.
- DNS Extension Tools- Extend the Domain Name System, or DNS, by adding features like phishing protection and optional content filtering to traditional DNS services. This is extremely valuable for mobile devices, as most secure DNS services also have the ability to render malware on a machine benign, preventing common pivot attacks.
- Application Centric Infrastructure (ACI)- With Software Defined Network (SDN) architecture, the controller is separate from the data plane and implemented in a software application, making it a prime target for hackers attempting to redirect traffic. With Application Centric Infrastructure, you get transparent security for physical and virtual environments, allowing you to utilize SDN architecture without compromising the functionality of your data center.
- Netflow Security Monitoring- To protect company infrastructure against attacks like advanced malware, insider threats, APTs and DDoS, organizations require in-depth data center visibility to quickly detect anomalous behaviors so they can be mitigated. Netflow security monitoring provides complete visibility across the network -- even the data center and virtual environments -- improving incident response times while helping to prevent devastating data loss.
In addition to these great tools, there’s another tool that can potentially be even more effective, and that’s employee education. Currently, over one-half of data breaches worldwide are due to human error.
That’s right, because Bob in payroll doesn’t understand the concept of phishing, or Susan in HR thought that email really was from Google asking for her password, the entire company is now at risk. So make sure that you educate your employees on the types of attacks that can take place, how they take place, and how they can avoid giving these attackers what they want.
A good exercise is to have your security director send out fake phishing emails to employees, and then wait and see who bites. Then, not only can you find out which employees put you more at risk than others, but you can also sit down with those employees one-on-one and explain the issue with them in depth.
So as you can see, the world of cyberattacks is getting more advanced, just like everything else in the technological world we live in. And the only true defense, is proper preparation.