There are numerous ways and best practices to protect your system from malicious cyber-attacks. Here are some key methods that we have identified for safe system protection:
Antivirus software, or anti-malware, is a type of computer program that detects and removes malicious applications. Once installed, the software usually runs in the background, providing real-time protection against viruses, trojans, worms, and other malware.
Most antivirus solutions support both automatic and manual scanning. Automatic scans may inspect downloaded files, external storage devices, and files created by software installers. Automatic scans of the entire hard drive are usually performed on a scheduled basis, while manual scan capabilities allow users to scan specific files or the whole system whenever they deem it necessary.
Although anti-malware products are responsible for preventing, detecting, and removing malware, they usually don’t have built-in data protection capabilities.
This means that in the event of a successful security breach where files are infected and corporate data is encrypted or deleted, traditional antivirus solutions can’t aid in recovering the affected data.
Anti-ransomware software specifically detects and deletes ransomware. While anti-malware solutions can usually detect many forms of ransomware, anti-ransomware tools differ in their ability to stop ransomware once it has executed and to revert any changes made, such as file encryption.
To revert changes and roll back the system and files to a known good state, anti-ransomware products usually rely on backups or shadow copies to restore clean data. More advanced ransomware variants, however, target and delete or encrypt backups and shadow copies, making recovery almost impossible. To guarantee protection, anti-ransomware solutions must also safeguard the repository they’re using to recover clean files in the event of a breach.
One of the best ways to protect your data is to back it up. Copying your data to external storage (whether in the cloud or on-premises) lets you recover your systems if any malware manages to get past your defences. Backups may also be useful in the event that a patch renders the system unstable.
There’s a well-known rule in the backup industry to ensure efficient data protection: keep three copies of your data (one as production data, and two as backups), stored in two different locations (e.g. on disk and on tape), with one copy off-site (e.g. in cloud storage) for disaster recovery.
Traditional backups are not truly secure, as they’re vulnerable to attacks, breaches, and modifications. This could lead to backup data being deleted, encrypted, or infected with malware. In the event that both your systems and backups are compromised, you won’t be able to restore your environment. Many security-oriented backup solutions have built-in self-defences, while more advanced anti-malware products may offer the ability to scan backups for malware. Another flaw of traditional backups is that they’re usually performed on a schedule. If a file is corrupted between backups, you’ll only be able to recover it to the state of the most recent backup, which could be days or even weeks earlier. Advanced backup products feature the capability to back up changes to critical files on a continuous basis, ensuring a more efficient recovery without data loss.
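The three-copy rule and the two flaws of traditional backups described above (modified backup data and a stale recovery point) can be checked together against a backup inventory. The following is an added example, not code from the original article; the `Copy` record, the `audit` function, the sample inventory and the seven-day limit are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Copy:
    name: str
    role: str            # "production" or "backup"
    location: str        # where the copy is stored, e.g. disk, tape, cloud
    offsite: bool
    taken_at: datetime   # when this copy was written
    sha256: str          # digest recorded when the copy was written

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def audit(copies, readback, now, max_age):
    """Return a list of findings (empty means the inventory passes).
    readback maps a copy's name to the bytes read from it today."""
    findings = []
    backups = [c for c in copies if c.role == "backup"]
    if len(copies) < 3 or len(backups) < 2:
        findings.append("fewer than three copies (one production, two backups)")
    if len({c.location for c in copies}) < 2:
        findings.append("all copies are stored in one location")
    if not any(c.offsite for c in backups):
        findings.append("no off-site backup")
    intact = []
    for c in backups:
        # A backup that no longer matches its recorded digest was modified,
        # encrypted or corrupted after it was written.
        if digest(readback[c.name]) == c.sha256:
            intact.append(c)
        else:
            findings.append(f"{c.name}: contents changed since the backup was written")
    if not intact:
        findings.append("no intact backup to restore from")
    else:
        # Recovery point: only the newest intact backup counts.
        age = now - max(c.taken_at for c in intact)
        if age > max_age:
            findings.append(f"newest intact backup is {age.days} days old")
    return findings

# Constructed sample inventory: the on-site backup has been overwritten.
NOW = datetime(2024, 6, 15)
GOOD = b"quarterly-ledger-v7"
INVENTORY = [
    Copy("prod", "production", "disk", False, NOW, digest(GOOD)),
    Copy("nas", "backup", "disk", False, NOW - timedelta(days=1), digest(GOOD)),
    Copy("cloud", "backup", "cloud", True, NOW - timedelta(days=9), digest(GOOD)),
]
READBACK = {"prod": GOOD, "nas": b"\x8f\x02encrypted", "cloud": GOOD}
```

In the sample, the inventory satisfies the copy-count, location and off-site checks, yet the only intact backup is nine days old, which is the gap that continuous backup of critical files is meant to close.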
Software solutions often have millions of lines of code. Companies try their best to test their solutions before release, but bugs and vulnerabilities are commonly found afterwards. To fix these issues, companies release patches (code changes that fix bugs and other issues) or hotfixes (which fix a very specific bug or issue and are not always publicly released). Patch management is the process of helping users to identify, download, install, and verify patches, to ensure systems and applications stay up to date and therefore secure. This can all be quite rigorous and time-consuming for IT administrators, but automated solutions make it much easier.
Keeping business-critical applications and operating systems up to date increases the overall security posture and strengthens the operational capabilities of an organization by fixing bugs, issues, and vulnerabilities in software solutions. Patches are frequently issued for popular applications as a preventive measure against cyber breaches.
URL filtering is a technology that blocks access to known malicious websites. It is mainly used to prevent users from reaching:
In strictly regulated or high-risk environments, it’s a good practice to also block URLs that aren’t explicitly malicious but do pose a potential threat, such as fake news websites or social media platforms.
Firewalls have served as a first line of defence for over 20 years. They act as a security barrier between internal networks and external ones — such as the internet — by monitoring incoming and outgoing traffic, and blocking risky or malicious actions based on a predetermined set of security rules. Firewalls may be software, hardware, or virtual appliances.
Surfing the web usually leaves traces that are easily associated with your internet protocol (IP) address — a unique set of digits that identifies your device. This is especially dangerous when connected to public or unprotected Wi-Fi networks, as any data transmitted through your online sessions (including browsing history, PII, and location info) could be eavesdropped upon by cybercriminals who’ve managed to gain escalated privileges on the network.
A VPN serves as a secure gateway that connects your device to another server on the internet, allowing you to browse safely by using the server’s IP address instead of your own. VPNs also create a security tunnel between your device and the server, encrypting all traffic between them.