In our opinion ransomware is the #1 cyber threat to all our clients. We are focused on protecting our clients from these attacks. We follow ransomware news very closely and constantly adjust our standards based on the changing hacking tactics. Our security team’s main objective is ensuring that none of our clients are victims of a successful attack. Here are the steps we take to protect our clients
1. Bullet proof backups
The absolute first thing we do is deploy secure backups. Our backup standard is built on the assumption that the network will be breached, and the attacker will obtain full admin privileges. The backups must be able to withstand this. Our standards have been tested by multiple specialized security firms who were unable to access them.
2. Minimize your exposure
We minimise your exposure by making sure that only services that are absolutely necessary are exposed to the Internet. We will then limit these services exposure by only making them accessible to certain countries. We work with our clients to determine what this list is and will modify it as needs change.
3. Protect the infrastructure with advanced security tools
We deploy a set of advanced security tools that will not only protect you but will also alert our security team if something is not behaving normally.
4. Close the open buffet
Many networks are designed as a fortress or citadel. Once they are breached you can access everything, it’s basically an open buffet. We close this open buffet by segregating systems so that even if an attacker was able to get on a single system it’s very difficult to move to another. The more difficult it is the more chances are the attacker will make a mistake and set off an alarm allowing us time to respond to neutralise the attack.
5. Monitoring and response
We monitor alerts generated by our set of advanced security tools and investigate any abnormality. Our security will respond to any identified threat to neutralize the attack.
6. Train your users
We will train your users to adopt safer computing habits and to report abnormalities to our security team.
We constantly adapt our approach as the threats and security tools evolve. We will also adapt based on the experiences of our peers. We meet with other companies like ours in different markets across North America to share best practices every quarter.