Page 72 - Cyber Defense Magazine for August 2020
P. 72
actors to target. Ensure that all user devices are updated and patched automatically, or as
frequently as possible. While these measures can’t provide 100% protection against zero-days,
they can significantly reduce your risk. Additionally, take time to adjust your hypervisor firewall
rules. This is important because you can manage both ingress and egress traffic to set granular
rules for which users can send, receive and access both inbound and outbound data, as well as
how much and which types. Setting strict outbound rules is incredibly important here due to the
fact that ransomware attacks often threaten to leak confidential company data.
Our research shows that exposure of just a single terabyte of data could cost you $129,324; now think
about how many terabytes of data your organization stores today. Most companies end up storing
hundreds of thousands to hundreds of millions of files, many of which are highly valuable and critical to
business operations. Ransomware attacks continue to wreak havoc on companies of all types and sizes
by locking those assets away as leverage for cyber extortion. Even though there are advanced solutions
out there that can allow you to simply roll back your environment to a pre-attack state and restore all files
to the last unaffected version, a widely distributed workforce can make this much more challenging (and
increase the odds of reinfection without the proper preventative measures in place).
As the coronavirus pandemic continues to play out over the coming months, attackers will focus their
attention on the many new targets supplied by the burgeoning population of remote workers – just hoping
that they’re unprepared and unprotected enough to make for easy footholds into your organization. The
most effective approach is to prevent ransomware infections before they can inflict damage.
Implementing the above best practices today will help you better secure off-network employees if and
when ransomware comes calling.
About the Author
Kris Lahiri is a co-founder and the Chief Security Officer of Egnyte.
He is responsible for creating and implementing Egnyte's global
information security and compliance management strategies,
policies and controls that protect all of Egnyte's customers'
content and users. Prior to Egnyte, Kris spent many years in the
design and deployment of large-scale infrastructures for Fortune
100 customers of Valdero and KPMG Consulting. Kris has a
B.Tech in Engineering from the Indian Institute of Technology,
Banaras, and an MS from the University of Cincinnati. For more
information, visit: https://www.egnyte.com.
Cyber Defense eMagazine – August 2020 Edition 72
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.