Checklist: Ransomware protection in the age of flexible working
Ransomware remains a growing threat to any organization, with one estimate suggesting 15.45% of all internet users experienced at least one malware-based attack during 2021¹. Unsurprisingly, cybersecurity is an increasingly important strategic priority for businesses.
The risk of ransomware infection has increased in recent years, particularly as remote working uptake has accelerated in response to pandemic controls. Research suggests that in the rush to remote working, many organizations reduced oversight – or relaxed many of their usual security protocols.
When it comes to ransomware, most of the focus is on restoring access to encrypted data as quickly as possible. However, it’s worth remembering that cybercriminals will often exfiltrate files for additional blackmail purposes, demanding further payments to prevent sensitive information being leaked.
Fewer businesses deployed network security (down 5%) or end user monitoring tools (down 6%) during 2021². Without effective endpoint monitoring and security, the risk of becoming a ransomware victim increases substantially.
Endpoints have always been a weak link in corporate security, often the easiest attack surfaces available to hackers. But remote working practices have moved those endpoints outside the network perimeter, making it even harder to manage and mitigate security risks. The proliferation of endpoints gives attackers a greater choice of potential targets, further increasing their chances of success.
To prevent a significant ransomware outbreak, an effective ransomware strategy must work on several different levels. As remote working becomes a routine aspect of operations, organizations must refine and strengthen their endpoint protections – particularly in relation to how they detect and block ransomware infections.
This guide acts as a practical checklist, helping you to assess how well protected you are against ransomware at the network edge – and where you must improve your defenses – including:
- Endpoint ransomware detection
- Endpoint configuration
- Backup provisions
- Offloading operations
- End user training
- Incident response planning