Network security measures that can help mitigate the risk of a ransomware attack

It’s been reported that 66% of organisations were hit by ransomware in 2021*, demonstrating just how relevant it is to ensure you are implementing robust security measures.

Cyber criminals use tools like Remote Desktop Protocol (RDP) to access networks making early detection very difficult. Trusting solely in these tools is not advised and can lead to a host of issues including compromised networks for both your business and potentially your clients.

Here are some network security tips to enhance your protection.

Micro-segment your network
Micro-segmenting allows you to detect and block threats attempting spread across your network. Create small zones and connect them via managed switches and a firewall to apply anti-malware and IPS protection between segments.

Replace remote-access VPN with a Zero Trust Network Access solution (ZTNA)

ZTNA removes the inherent trust and broad access that VPN provides. It uses the principles of Zero Trust: trust nothing, verify everything. To learn more, read Sophos helpful article about the benefits of ZTNA here.

Implement the strongest possible protection

• Firewalls should have TLS 1.3 inspection, next-gen IPS, and streaming DPI with machine learning and sandboxing.
• Remove remote access or RDP system access through VPN, NAT, or port-forwarding, and ensure that any traffic flows are properly protected.
• Endpoints should have the latest next-gen protection capabilities

Patch and update all software and firmware

Use multi-factor authentication (MFA) – Ensure every user and device repeatedly verifies their identity before accessing your network.

Adopt a strong password policy – Consider implementing authentication solutions like Windows Hello for Business.

Quick response in the event of a cyberattacks

Implement and utilize automation technologies and human expertise to accelerate cyber incident response and remediation.

Ensure your network security infrastructure is set up to automatically respond to and active attack, a combination of automation technologies and cyber security expertise will allow you to isolate and contain an attack before it can cause any serious or further damage.

24/7 fully managed detection and response service

We advise investing in a 24/7 fully managed detection and response service. Engaging with specialist Cyber security experts enhances your protection against threats that technology solutions alone cannot prevent.

For more information about any of the security measured addressed in this article or to discuss your business specific cyber security needs, contact us today and one of our cyber security advisors will be delighted to help.