SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    Best small business software for cybersecurity and ransomware protection?
Go
New
Find
Notify
Tools
Reply
  
Best small business software for cybersecurity and ransomware protection? Login/Join 
Go Vols!
Picture of Oz_Shadow
posted
Other than employee training and prevention, is there a solid system that provides good security and ransomware protection for a small business?

Think fewer than 25 work stations and a couple local servers backed up in house and to the cloud.

Certain new security systems seem to be overkill and uncertain because people are not reporting breaches.
 
Posts: 17871 | Location: SE Michigan | Registered: February 10, 2007Reply With QuoteReport This Post
Dances With
Tornados
posted Hide Post
I can't answer that, but I can say something I experienced that made a huge impact.

My previous employer, I left them less than a year ago, their IT department would send out emails purporting to be from a legitimate sender requiring a link in the email to be clicked on to do something.

If you fell for it and clicked on it, all hell would break loose. The PC would start squallering and flashing and raising heck, more than enough to startle you and everybody else in the area. Your manager would come over and gripe and soon you'd get a phone call from the IT department awarding you the dummy of the day award.

It was effective. Prevention is helpful in protection.

Peer pressure is effective. Don't piss off co workers, ya big dummy!
.
 
Posts: 11814 | Registered: October 26, 2009Reply With QuoteReport This Post
Big Stack
posted Hide Post
I think good procedures, and the use of security features built into the various operating systems would go a long way.

Make sure every machine is patched up to date. Make sure they all have up to date antivirus/malware software install and with the most current definitions. Make sure no one is doing their normal use of the computers logged in with administrator level account, only user level accounts. This should prevent malware from implanting, even if it gets downloaded. Train all the users to spot phishing/social engineering attacks.
 
Posts: 21240 | Registered: November 05, 2003Reply With QuoteReport This Post
His Royal Hiney
Picture of Rey HRH
posted Hide Post
quote:
Originally posted by OKCGene:
I can't answer that, but I can say something I experienced that made a huge impact.

My previous employer, I left them less than a year ago, their IT department would send out emails purporting to be from a legitimate sender requiring a link in the email to be clicked on to do something.

If you fell for it and clicked on it, all hell would break loose. The PC would start squallering and flashing and raising heck, more than enough to startle you and everybody else in the area. Your manager would come over and gripe and soon you'd get a phone call from the IT department awarding you the dummy of the day award.

It was effective. Prevention is helpful in protection.

Peer pressure is effective. Don't piss off co workers, ya big dummy!
.


We had something similar except for the bells and whistles.

You get a phishy email and you were suppose to report it and you get a "good boy" pop up message. I don't know what you get if you click on the bait link.



"It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946.
 
Posts: 19588 | Location: The Free State of Arizona - Ditat Deus | Registered: March 24, 2011Reply With QuoteReport This Post
Member
posted Hide Post
If we get a phishing email, our IT locks your account & sends you an email how to re-enable, that you don't receive, because your account is locked. Roll Eyes
I've had the pleasure of dealing with this 2x. Both times the suspect emails, as well as the it warning, were delivered directly to the SPAM folder, I never saw them even after I got the helpless desk to re-enable my account.
 
Posts: 3297 | Location: IN | Registered: January 12, 2007Reply With QuoteReport This Post
Member
Picture of K0ZZZ
posted Hide Post
Having recently gone through this as a bigger business, with multiple antivirus/malware solutions running and numerous other security measures, email malware filters, etc, it was only backups that saved us. Systems that weren't backed up reliably had to be rebuilt.

Make sure your backups work, and more importantly that your restores work! That you can quickly and easily restore back to "bare metal" or a clean install of an operating system.

If you think about how malware spreads once it gets in your network, it can easily delete/encrypt your backup systems, unless you take measures to protect it. Like, having the backup destination server not be part of your normal domain if you have one, with different admin passwords, etc.


... Chad



http://shotworkspro.com - Much better than scrap paper! Use 'Take5' to get 5 bucks off.
 
Posts: 769 | Location: Colorado Springs, CO | Registered: December 14, 2009Reply With QuoteReport This Post
  Powered by Social Strata  
 

SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    Best small business software for cybersecurity and ransomware protection?

© SIGforum 2024