By Suze Shaffer
Like we don’t have enough to worry about, now this!
Security researchers are saying this new technique is effective even against systems that are patched and run anti-virus scans. This process allows ransomware to encrypt files on Windows based systems. The way most ransomware gets into our systems is by unsuspecting users or hi-jacked user credentials. Of course it can happen from a disgruntled employee as well. Once this happens, the ransomware opens and reads an original file, then deletes or destroys the original by encrypting it. Within a short amount of time the hacker can invade your systems and crawl through your entire network. Taking everything down and literally destroying your livelihood.. Of course, there is more to this and if you want, you can research this. The main reason why I wanted to share this with you is because… as I have said many times, employees are your first line of defense! Well educated employees can prevent this from happening in your organization. Here is what you need to do TODAY to prevent a data breach:
- Remind every user of your system that the computers are for business purposes ONLY. Clicking on infected websites can infect your network.
- Remind users do not click on any links or attachments that are not expected even if it comes from someone they know.
- Do not permit anyone access to your systems without confirming their identity. This includes service providers. If you do not have an appointment, call and verify the person is still employed there.
- Remove user access for terminated employees IMMEDIATELY. Before terminating a person, have this process set and ready.
- Conduct a criminal background check on ALL new hires. This needs to be included in your employee manual, and state that a background check can be performed at anytime during their employment.
- Contact a network security professional and have them run an audit on your system. This will ensure you do not have any open ports or vulnerabilities.
- Be sure to have a backup of your system that is NOT connected to your network.
I know I have said this in the past, but I have to say it again… The World Wide Web (WWW) is the new Wild Wild West, the difference is, danger is invisible until it is too late. Be careful out there.
If you would like more information, contact us at 877.659.2467 or complete the contact us form.
“Simplifying HIPAA through Partnership, Education, and Support”