Tag: ransomware protection

10 Apr 2019

One Must Have From your Chicago IT Support Provider

Network Security
SECURITY OPERATIONS CENTER FROM YOUR CHICAGO IT SUPPORT PROVIDER

The single most important thing your Chicago IT Support plan needs

If you are making a decision related to IT and your Chicago company, you are faced with a ton of options, technologies, costs, software, platforms, etc. But currently the single most important focus of your Chicago IT support strategy needs to be IT Cyber Security. You’ve probably heard this from any reputable IT Company or one of the better IT Companies in Chicago. Don’t ignore this message. Sometimes executive leadership tends to tune out the constant sky-is-falling messages about information technology. But IT Cyber Security is one area that can’t be ignored.

Your Data is Under Attack

Your data is your company. All your accounting records, sales records and human resources records are today’s most valuable assets. Hackers want this data and spend enormous amounts of time trying to get it. Cyber threats are becoming more common and extremely sophisticated. As one of Chicago’s leading IT Companies, we see more and more attacks happening to smaller companies. That’s why, even for a small or mid-size business, IT Cyber Security must play a huge part in your IT Support plan. The threats include malware attacks that can penetrate your systems through emails, web site visits and downloaded files. Other threats may include hacking, insider attacks and of course ransomware. The majority of these threats cannot be stopped by typical firewall and perimeter security technologies.

Why Firewalls aren’t enough!

The problem is that many Chicago IT Companies have relied on firewalls and perimeter technologies to protect your company’s data from hacking. Perimeter technologies are systems that act like a fence or gate. They keep intruders from getting in from outside your network. Imagine a house: your yard fence, windows, locks and doors would be considered perimeter defense technologies. However, these technologies alone will no longer protect you. The reason is that most attacks these days come from inside your network. So what would you do to protect your house if someone was already inside? Your security and home defenses would be much different. You would need to look more at solutions that allow you to respond and eliminate the threat from the inside. Your Chicago IT Support plan now needs a Managed IT Cyber Security service to keep your data safe from the inside. What does that mean? It means that your systems, network and data are monitored 24/7 to make sure no one is hacking or compromising your data from the outside or the inside.

Protection, Detection and Response

Let’s continue with the home analogy. To protect your home you may install a fence, locks on your doors and windows, or even gates on your windows. In the IT security and support world, gates, locks and doors would be the firewalls and endpoint protection technologies. This is the first step towards a proper IT Security plan: Protection! Next, let’s think about burglar alarms and what they consist of in your home. They would have motion sensors, movement detectors and cameras. In IT Security solutions and IT Support technologies, this would be the Detection piece of your IT Security solution. You need a platform that detects an intrusion, similar to burglar alarms. These are referred to as intrusion detection solutions. Lastly, and perhaps most important, is what happens when an intruder is detected: 911 is called. This is Response! In IT Security, how you respond to an intrusion is what will save you from an attack. You need all three pieces, Protection, Detection and Response, to have a successful IT Security plan.

The Glue that holds everything together

OK, now you know you need an IT security solution that provides Protection, Detection and Response. That is great, but finally there is something that keeps all of this working, and that’s a SOC. The Security Operations Center is the glue that holds everything together. All successful Managed Security services must provide a Security Operations Center, or SOC. You must work with a Chicago IT support company that offers IT Managed Security Services and that has a SOC that provides 24/7 monitoring of your systems. And I am not talking about a SOC that is run inside some small IT company. I am talking about a SOC that meets compliance requirements and whose platform is maintained in a HIPAA, PCI, SSAE 16 compliant data center. The SOC is the cornerstone of a successful Chicago IT Support strategy. And as a small business you cannot afford to implement your own SOC. A good SOC Cyber Security Platform from a good IT support company will do the following:

It will monitor the inbound and outbound data and network traffic of all your network devices. This will allow the traffic to be evaluated as being from good sources or from bad sources. Action based on the different traffic behaviors can then be evaluated to see if a threat pattern exists. The threat pattern may be related to ransomware attacks, insider attacks, botnets and other threats that slip past the firewall. This is what Managed IT Security is.

A good SOC offering will also provide your business with regulatory compliance reporting to deal with HIPAA, PCI, SOX and other regulatory bodies. This will minimize your exposure to fines, penalties and remediation costs. Regulatory compliance is a key benefit of a good Managed IT Security offering.

And to pull this all together, Log Capture and Management has to play a role. This is where the information is evaluated and data investigated to discover breaches, anomalies, and other malicious behavior.

In conclusion, your IT Support plan must have an IT Cyber Security solution or SIEM (security information and event management) solution that leverages a Security Operations Center to succeed and protect your company’s data, network and systems.

If you have further questions related to Chicago IT Support or IT Security Solutions for your business feel free to call Rick Bolda at 630-918-7370 or email info@itriskmgrs.com.

 

11 May 2018

Ransomware Attack Recovery for your Chicago Business

Protect your Company from Ransomware Attacks

Ransomware Attacks are targeting Chicago Businesses

Chances are if you’re reading this article it’s because you’ve gotten hit with a ransomware attack. Recovery is probably pretty vital to your business and you stand to lose a lot if your data is not recovered. We are first going to discuss what your options are, and then discuss what you can do to prevent getting into this situation in the future.

Ransomware Attack Recovery: Check Your Backups

First and foremost, check your backups. It’s easy to forget that you even have backups in such a situation, but backups are a vital part of ransomware attack recovery. In this day and age of automatic cloud backups, you may even have your data backed up without realizing it. Windows 10 is set up to automatically back up user files to OneDrive, Android phones and Chromebooks automatically back up their data to Google Drive, and Apple products automatically back up to iCloud.

Of course, you don’t want these backups to become corrupted by the ransomware attack. If you haven’t already, immediately stop the syncing process so that you don’t end up overwriting your cloud backup with the ransomware’s encrypted version of your data. With backups of your data, it’s easy to simply reinstall your operating system and restore your data from backup.

Ransomware Attack Recovery: What to Do if You Don’t Have Backups

If you don’t have backups of your data, though, it gets trickier. You may need to pay the ransom to get your data restored. If you can’t pay the ransom, you can try decryption software designed to restore your data from ransomware attacks. This software is very hit or miss, though, and there is a 50/50 chance of it working to restore your data.

As a last resort, you can try contacting us to restore your data. We can use more advanced decryption methods to attempt to restore your data. Please be aware, though, that this too may fail.

Ransomware Attack Recovery: Prevention

Ransomware attack recovery starts with being prepared before a ransomware attack occurs. If you are prepared ahead of time, then ransomware doesn’t stand a chance of harming your business. As you may have guessed, this starts with having backups of your data.

Keep your own encrypted backups both stored in the cloud and stored offline. This way even if ransomware manages to infect your online backups, you still have offline backups it can’t touch. Encrypting your backups also prevents anyone from gaining access to sensitive business data.

Of course, the best case scenario is one in which ransomware doesn’t have a chance to infect your business network at all. So make sure you are using the latest security software that is equipped to prevent ransomware from ever getting its hooks into your system. Keep this software updated as well.

Along with using up-to-date security software, use up-to-date operating system software. Older operating systems are full of security holes that ransomware loves to exploit. The first ransomware, in fact, was trained to take advantage of businesses that were still using Windows XP, because Microsoft was no longer releasing security updates for it. If you are using an older operating system, now is definitely the time to update it.

Along with using an up to date operating system, make sure you are regularly applying updates and security patches. Just like ransomware loves to exploit older operating systems, it also likes to take advantage of operating systems that haven’t been updated and patched.

Another great step you can take towards ransomware prevention is getting us to do a full audit of your network to patch up any security holes. While security software and up-to-date software provide good basic protection, there may still be holes in your network that could let an attacker slip through and install ransomware. A security audit will let you know what those holes are and help you seal up your network completely, preventing that from being an issue.

Ransomware Attack Recovery: Success!

If you follow all of these steps, you will be a ransomware attack recovery pro. Ransomware will not stand a chance of harming your business! Make sure that your security software and operating system are fully up to date, keep plenty of both online and offline encrypted backups, and get a security audit done so that your network can be completely secured. You will never have to worry about ransomware – or any malware – ever again.

Go here for another Cyber Security topic: https://www.itriskmgrs.com/cyber-security-chicago/

Go here to see 8 ways your employees enable hackers: https://www.itriskmgrs.com/8-ways-your-employees-enable-hackers