Risk Advisory Services Blog

malware

Don’t Wanna Cry? How IT Controls Help Prevent Malware Infections

Is WannaCry and other malware causing a concern for your organization? Well, if your IT department has not taken the appropriate precautions, you may be at risk and not even know it. Sometimes ignorance isn’t bliss, and it’s a long, costly, miserable weekend spent restoring system files.

encrypt

While nothing is 100% effective, there are a few easy actions that can be performed by your staff in one to two hours a week that will greatly enhance overall organizational preparedness for an attack:

  1. Perform a weekly review of system patches required and applied across all company systems. Any unpatched systems should be updated immediately (test systems should be used first when updating a production server to help ensure no unexpected issues arise).
    • Automated solutions such as WSUS (Windows) and Puppet (Linux) could be leveraged to reduce the time spent on these tasks.
  2. Ensure all new/changes to firewall rules are reviewed, tested, and approved before being applied. A monthly review of firewall rules should also be performed to help ensure only appropriate systems and services are exposed.
  3. Apply a strict group policy that prevents the installation or execution of unapproved applications and the running of macros from office documents.

One last very important step to take is to ensure you have a high-quality, tested, backup solution in place, segregated from your production network, so that should something go wrong, there is a way to restore your data and business operations in a reasonable amount of time.graphic

These are some very basic actions that can be taken today at your organization to reduce the overall risk faced by malware. If you are looking for a detailed analysis of your IT security operations and readiness, Skoda Minotti’s Risk Advisory Services offers IT Risk Assessment and Gap Analysis services, as well as other compliance and vulnerability management and penetration testing services.

Please reach out to Ben Osbrach, CISA, CISSP, CICP, CCSFP, QSA, at 813.386.3851 or Jaike Hornreich, CISA, GPEN, GWAPT, CICP, CCSFP, at 813.386.3853 if you are interested in learning more, or visit skodaminotti.com/risk.

New Call-to-action

This entry was posted in Mailchimp RSS, Risk Advisory Services and tagged , , , , , , , , , , , , , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Comments are closed, but you can leave a trackback: Trackback URL.
© Copyright 2017 Skoda Minotti | Privacy Policy | Disclaimer | Remote Support
Cleveland 440-449-6800 | Akron 330-668-1100 | Tampa 813-288-8826
Website designed and developed by Skoda Minotti Strategic Marketing