How do I protect my infrastructure against internal threats and ransomware

While the wide-spread adoption of cloud services, and business use of the internet in general, have helped operations grow and collaborate more effectively, the potential risks of harnessing the cloud also increase.

Ransomware is an increasingly popular attack-type, where systems are locked from use until a ransom is paid to the hackers. Not only preventing BAU and causing financial loss, but also affecting credibility and the long-term success of the business.

Whether internal or external, the threats that your business are exposed to have the potential to derail or even shut-down your operation completely, if not addressed and prepared for. So, what can you do to better protect your organisation?

Internal threats

Without sounding paranoid, the greatest internal threat to your organisation is your team. Preventing innocent human error is one of (if not) the most significant factors in protecting your data, especially considering 90% of cyber attacks stem from a user mistake. When combined with disgruntled employees looking to actualise their frustrations, protecting your business from your team should be a key focus.

The solution? Training, accountability and monitoring.

Most successful cyber attacks start with a simple phishing scam – that was the case for Twitter last year – so, training your team around what to look out for and reporting best practice is essential.

But what if the issue lies with the IT admin themselves?

Here’s where the accountability and monitoring come in. Every action performed on your cloud systems needs to be logged and regularly audited, to ensure no one is up to any funny business.

We’ve even seen admins attempt to delete their virtual fingerprints from the crime scene, but with the right data processes in place, you can ensure accountability across your entire team and prevent a single person bringing the whole organisation down.

External threats

Enabling your data to travel across the global internet highway also increases the number of potential attack vectors from outside your organisation. Therefore, penetration testing, security analytics, firewall are all vital to ensure your safeguards are strong enough to prevent a potential attack.

It’s also important to interrogate the traffic regularly, preferably through a SIEM (Security Information and Even Management) engine that leverages Machine Learning to quickly identify threats and quash them, as (or even before) they emerge. Depending on the size of your operation, partnering with an experienced IT Managed Services Provider may be the best course of action, as they would continually monitor your network and negate those threats just as quickly as they emerged.

The final consideration (for both internal and external threats) is the ability to rollback your systems to a previous iteration if the worst happens and you’re locked out from your data.

While there are many cloud-based back-up services available, tape libraries are the perfect data repository, especially if you keep them offline or offsite. These immutable online repositories are encrypted, but the encryption key is hidden from all users and kept on the physical box itself, to ensure the highest levels of data security. However, their one drawback is the time it takes to recover the data, especially given the logistics of receiving the tapes when kept in a 3rd party data centre.

All these factors come together to create your cyber defence, but just like having a top-of-the-range laptop – it’s only as good as how/what you use it for. Rather than investing in a range of cyber security solutions that claim to be ‘hands-off’, trusting your systems to a cyber security expert is a far more cost-effective use of your resources and time. Speak to BDR Group today and discover how we can protect your organisation without sacrificing time and money.

Speak to BDR experts on 0800 975 3000 or email us via hello@bdrgroup.co.uk to learn more.