A significant security breach can be very expensive. At best, it disrupts budgets and profits. At worst, smaller companies can be forced into bankruptcy. How can you avoid this outcome?
How Much Could Ransomware Cost?
The most recent trend in security hacking is to encrypt an organization’s data and leave a demand for payment by BitCoin. The ransom is typically on the order of one BitCoin per server, or $11,468 each in late August 2020. Paying the ransomware gets a key to unlock the encrypted files, but it doesn’t make the IT systems safe against future attacks. Many organizations that make the payments are hacked again within a few months.
Two well-known cases of ransomware remediation have been documented in municipal governments. In these cases, they did not pay the ransom. Instead, they worked to recover their systems. The expense is the sum of remediation plus lost revenue.
Atlanta: $17M (includes references to other municipalities)
Three Steps for Basic Protection
Three steps are recommended by the NSA to help protect against multiple types of malware.
Multi-Factor Authentication (MFA)
Two or more secrets are needed to gain access to IT systems and files. Typically, this includes something you know (a password) and something you have (a security passkey token that generates a one-time-key).
Role-based Access
Only allow IT users access to systems that they need to perform their job. Don’t provide read/write access if a user only needs read access to a database. And certainly don’t provide access to systems for which an IT user has no need. A corollary to this is that access rights need to be reviewed periodically and updated.
White-list Applications
Provide access between applications and servers for communications that are required for the applications to function. Block all other access.
Next Steps
A more thorough discussion with links to other articles is available in this article: IT Security Refresh: Practical Tips for a Good Foundation. You can use it as a good starting point for a discussion with your IT team.
The three steps in this article are not difficult to implement from a technology perspective. You may need to implement a culture change though if your IT users have become accustomed to wide-open network access. NetCraftsmen can help with this process if your IT team is fully committed to other projects.