In recent times, the GDK Helpdesk has experienced a significant rise in Internet threats and in particular with Ransomeware such as Cryptolocker and Xepto. In most cases the solution to this problem was to restore from the last known good backup. GDK are taking this opportunity to remind our clients and our contacts of some of the best practices in relation to Internet and eMail usage. We are also making some suggestions below in relation to the Multi layered security approach that is now required to ensure a successful IT business continuity Plan.
- Use a Managed Antivirus product & and ensure it is active and up to date on your Servers, workstations, PC's and Tablets.
- Be careful of opening emails from both known and unknown sources that look suspicious.
- Think twice and remain critical when opening attachments in e-mails or files downloaded from the Internet.
Ask yourself if you trust the source and if they would send you this type of Email in the first place. Email addresses from the sender may be fabricated to look like yours.
Never click links in emails or texts that seem to come from your bank, the Revenue or any other institution. If you think the message might be valid, log into your account directly, without using the supplied link.
- Be cautious with your passwords; don't use personal names, don't share them, make them difficult to break, use complex passwords. Implement a password change policy.
- Avoid using the internet to access your sensitive data in cafes or public places.
- Never leave your devices unattended.
- Keep all software applications up-to-date with the latest patches including Microsoft Operating Systems
- Disable Java on your browser.
- Nothing is free. Be particularly careful of the source for free apps or software.
- Don’t trust anything on the internet (even legitimate Web sites could end up delivering malware).
- Back up your Data on all devices– not just your computer, but also your phone and your tablet ideally in both a local and cloud destination. Test the restore capabilities on a regular basis
What should Business Clients do?
- Implement a robust data recovery procedure
- Implement a multi layered security approach that would include:
- Mail Protection (Includes anti-spam)
- Server & Work Station Antivirus with up to date bit patterns
- Implement a Workstation Management Policy which manages the Patch updating from all software applications.
- Implement Web Protection on all workstations to avoid access to known malware internet sites
- Insist on Firewall protection with additional security at the gateway for Antivirus, Anti Spyware and Intrusion prevention.
- Configure your firewall to ensure remote users are who they say they are.
Call GDK for further information and how we have successfully implemented our Business IT Care plan for many clients.