FBI – Cyber Division, Let's Take a Look
What does the FBI – Cyber Division recommend you consider with regards to cybersecurity?
Cybersecurity is not simple. It requires a comprehensive approach to be effective, and even then, there isn’t anything that is 100%. PCS takes all of the following considerations recommended by the FBI and more to provide solutions to our clients that protect, detect, and recover from the cyber threats that exist today and those of tomorrow.
The FBI has a list of recommended considerations to evaluate as a business owner or executive when it comes to cybersecurity. Taken directly from the FBI Cyber Division.
- Implement an awareness and training program. Because end users are targeted, employees and individuals should be made aware of the threat of ransomware and how it is delivered.
- Patch operating systems, software, and firmware on devices. A centralized patch management system can make this much easier.
- Ensure anti-virus and anti-malware solutions are set to automatically update. Also make sure regular scans are conducted. A virus scanner does no good if it isn’t scanning!
- Manage the use of privileged accounts. Implement the principle of least privilege: no users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.
- Configure access controls, including file, directory, and network share permissions, with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.
- Disable macro scripts from office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full office suite applications.
- Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations. These include temporary folders supporting popular Internet browsers or compression/decompression programs, including the AppData/LocalAppData folder.
Business Continuity Considerations
- Back up data regularly, and regularly verify the integrity of those backups.
- Secure your backups. Ensure backups are not connected to the computers and networks they are backing up. Examples might be securing backups in the cloud or physically storing offline. Some instances of ransomware have the capability to lock cloud-based backups when systems continuously back up in real-time, also known as persistent synchronization. Backups are critical in ransomware. If you are infected, this may be the best way to recover your critical data.
- Implement application whitelisting. Only allow systems to execute programs known and permitted by security policy.
- Execute operating system environments or specific programs in a virtualized environment.
- Categorize data based on organizational value, and implement physical/logical separation of networks and data for different organizational units.
If this list seems daunting, confusing, and expensive, let me put your fears to rest. You can have a comprehensive Total Secure IT Solution with PCS that won’t break the bank. It also simplifies the process of determining what is needed to maximize protection, ensure rapid detection, and have a recovery plan in place to minimize business disruption.
If you are tired of trying to figure out a solution on your own or are not sure where you should start, let’s have a conversation. Click Here and book an appointment.
Have a question? Reach out today! (256) 513-8206
PCS Provides Total Secure IT Services
When is the last time you considered exactly what is at risk within your business? Ransomware 101 And Beyond — What You Need To Know! These questions and more are answered in our monthly blog posts.