Ransomware attacks have been at the front of news reports over the last several weeks. High-profile attacks like those on fuel supplier, Colonial Pipeline and food supplier, JBS have caused problems beyond the companies themselves. These recent ransomware attacks have resulted in disruption to various supply chains. The result – panic and fear have resulted in the general public as attacks are reported. The attacks can seem endless, and each time reports of IT security breaches occur, the question arises: could this attack have been prevented?
For small and midsized businesses, as they watch major companies with massive resources suffer the effects of a ransomware attack, they wonder how they can protect their critical IT infrastructure with their budget and IT resources.
So what should small and midsized businesses be thinking about as they look to protect their IT resources?
First, they need to take a good look at where and how they store critical data. Placing security controls on the servers, POS systems, and their corresponding OS applications linking computers and devices to each other should be a top priority for any business. Jim Finch, owner of Acme Business Solutions in Olean, New York, recommends that business owners conduct an initial assessment across systems to identify those resources and the current security for each. “To cover a system properly, you need to know the components of it and where each component stands in your IT security chain. Then, you need to find your weak links in the chain and shore them up to deter hackers’ access,” said Finch when asked about assessing computer networks for ransomware prevention.
This audit of the system is a good place to start for many businesses, particularly those with small or non-existent IT departments.
The next step is to identify and protect what is known as endpoints. Endpoints are remote computing devices that communicate back and forth with a network to which it is connected.
When asked about protecting access to a business network through its endpoints, Finch explained that it is a two-step process. “You must have protection for the system, of course, but you also need your people to help you by being aware of their behaviors. You have to offer suitable training to your people so they can mitigate their behaviors, which is how hackers get into a system very often.” Clicking on a bad link in an email, visiting an unsecured website, or downloading an app or file infected with a ransomware virus can be all hackers need to get in and wreak havoc within a business.
The other aspect of protecting your system is to have an endpoint security system that acts as an ever-present watchdog. This protection protects when people make errors that open up vulnerabilities to hackers. The good news for small and mid-sized businesses is that there are endpoint services available to customize services to protect a business. Finch notes that Acme collaborates with the endpoint security titan, SentinelOne, to offer small and midsized business IT security solutions to fit their needs and budget. “SentinelOne has a robust portfolio of protective services. We really like that their solutions run above the systems offering maximum protection and that they have such a wide array of services. It helps us customize security to our clients,” said Finch.
Hackers have a stake in seeking out vulnerabilities that they can exploit. Because it remains lucrative, cyber-attacks are inevitable. If you would like to learn more about how the Acme Business can help protect your organization or business, please contact us, or request a free demo.