Is WannaCry and other malware causing a concern for your organization? Well, if your IT department has not taken the appropriate precautions, you may be at risk and not even know it. Sometimes ignorance isn’t bliss, and it’s a long, costly, miserable weekend spent restoring system files.
While nothing is 100% effective, there are a few easy actions that can be performed by your staff in one to two hours a week that will greatly enhance overall organizational preparedness for an attack:
- Perform a weekly review of system patches required and applied across all company systems. Any unpatched systems should be updated immediately (test systems should be used first when updating a production server to help ensure no unexpected issues arise).
- Automated solutions such as WSUS (Windows) and Puppet (Linux) could be leveraged to reduce the time spent on these tasks.
- Ensure all new/changes to firewall rules are reviewed, tested, and approved before being applied. A monthly review of firewall rules should also be performed to help ensure only appropriate systems and services are exposed.
- Apply a strict group policy that prevents the installation or execution of unapproved applications and the running of macros from office documents.
One last very important step to take is to ensure you have a high-quality, tested, backup solution in place, segregated from your production network, so that should something go wrong, there is a way to restore your data and business operations in a reasonable amount of time.
These are some very basic actions that can be taken today at your organization to reduce the overall risk faced by malware. If you are looking for a detailed analysis of your IT security operations and readiness, Skoda Minotti’s Risk Advisory Services offers IT Risk Assessment and Gap Analysis services, as well as other compliance and vulnerability management and penetration testing services.
Please reach out to Ben Osbrach, CISA, CISSP, CICP, CCSFP, QSA, at 813.386.3851 or Jaike Hornreich, CISA, GPEN, GWAPT, CICP, CCSFP, at 813.386.3853 if you are interested in learning more, or visit skodaminotti.com/risk.