Safer Internet Day - Acronis shares recommendations to stay safe online
Modern cyberattacks, data leaks, and ransomware outbreaks have all revealed the same thing: cybersecurity is failing. This failure is the result of weak technologies and human mistakes caused by clever social engineering. Even in cases where a backup solution was working well and wasn't compromised, it would usually take hours and days to restore systems (with data) to an operational state. Backup is essential for when cybersecurity solutions fail; but at the same time, backup solutions can be compromised, disabled, or slow to perform, causing businesses to lose a lot of money due to downtime. To solve these problems, we recommend integrated cyber protection solutions that combine antimalware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities into a single agent running on the Windows family of operating systems. This integration lets you maintain optimal performance, eliminate compatibility issues, and ensure rapid recovery. If a threat is missed, or is detected while your data is being altered, the data will be restored from a backup immediately: because there is a single agent, it knows that data was lost and needs to be restored. This isn't possible when an antimalware agent is separate from a backup product with its own agent. Your antimalware solution may stop the threat, but some data may already be lost. A backup agent won't know about it automatically and, in the best-case scenario, data will be restored slowly, if at all.
Kevin Reed, CISO, Acronis shares his recommendations with The Hans India on this Safer Internet Day. In his 20+ years in cyber security, Kevin has been protecting the network of various organisations, including the 3rd largest bank in Europe, where he implemented cryptographic protection. As a CISO and Vice CIO of Yandex, the $10 billion NASDAQ traded search engine, he supervised the company's security strategy. Now CISO of Acronis, Kevin is in charge of developing cutting-edge security solutions and leads the company's Cyber Protection Operation Centres (CPOC) worldwide.
Kevin Reed - Chief Information Security Officer (CISO), Acronis
Patch your OS and apps
This is crucial, as a lot of attacks succeed due to unpatched vulnerabilities. With an integrated cyber protection solution, you're covered by embedded vulnerability assessment and patch management functionality. We track all discovered vulnerabilities and released patches, and allow admins or technicians to easily patch all endpoints with a flexible configuration and detailed reporting. Be sure to patch high-severity vulnerabilities first and follow the success report to check that patches were applied properly.
If you don't use any patch management software, things become much harder. At the very least, you will need to be sure that Windows gets all the updates it needs and that they are installed promptly. Users tend to ignore system messages, especially when Windows asks for a restart. This is a big mistake. Be sure that auto-updates for software from popular vendors like Adobe are enabled, and that apps like PDF Reader are also updated promptly.
Be prepared for phishing attempts
Don't click on suspicious links
Themed phishing and malicious websites appear in large numbers every day, and are typically filtered out on a browser level; but with cyber protection solutions, you also gain dedicated URL filtering functionality. The same functionality is available in endpoint protection solutions. Remember that malicious links typically come from somewhere: your instant messenger, email, forum posts, etc. Don't click on links you don't need to click, or that you don't expect to receive.
Phishing or malicious-themed attachments can come through email, as can the malicious links covered above. Regarding attachments: always check where they really come from and ask yourself if you're expecting them or not. In any case, before you open an attachment, it should be scanned by your antimalware solution.
Use VPN while working with business data
Whether you connect to remote company resources and services, or your work doesn't require that and you just browse the web and use telecommunication tools, always use a Virtual Private Network (VPN). If your company has a VPN procedure, you will most likely get instructions from your admin or MSP technician. If you have to secure your workplace yourself, use well-known, recommended VPN apps and services that are widely available in software marketplaces or directly from vendors. A VPN encrypts all your traffic, making it secure in case a hacker attempts to capture your data in transit.
Just having an antimalware defense in place is not enough; it should be configured properly
This means that:
• A full scan should be performed at least once every day.
• A product needs to get updates daily or hourly, depending on how often they are available.
• A product should be connected to its cloud detection mechanisms. This is on by default, but you need to be sure that internet access is available and not accidentally blocked for the antimalware software.
• On-demand and on-access (real-time) scans should be enabled and should react to every new piece of software that is installed or executed.
• Additionally, don't ignore messages coming from your antimalware solution. Read them carefully and be sure that the license is legitimate if you're using a paid version from a security vendor.
Keep your passwords and your working space to yourself
Security tip number one: make sure that your passwords and your employees' passwords are strong and private. Never share passwords with anyone, and use different and long passwords for every service you use. To help you remember them, use password manager software. Alternatively, the easiest way to create strong passwords is through a set of long phrases you can remember. Eight-character passwords are easily brute-forced nowadays. Also, even when working from home, do not forget to lock your laptop or desktop and limit access to it. There have been many cases where people could simply steal sensitive information off a non-locked PC, even from a distance.