Imagine your computing infrastructure being ‘kidnapped’ for ransom… That’s exactly what happened to several organisations worldwide recently.

As a result of the “WannaCry” and the more recent “NotPetya” or “GoldenEye” ransomware attacks, it has become more important for every organisation to take a second look at network and infrastructure security. The computers and the internet have become basic infrastructure requirements for the modern organisation and the relevant effort needs to be made to ensure that this infrastructure is kept secure for the benefit of not just your organisation, but your clients as well. Here are six points to note…

With the recent leak of highly advanced attack tools into the public domain, it has become extremely important for every organisation to give IT infrastructure security the importance it deserves.

1. Make it a requirement that your IT personnel have an understanding of the prevailing security landscape.
When you understand the dangers of insecure systems, you are much more likely to do something about it. Modern security requirements change regularly and the IT personnel need to be aware of any new attack vectors so as to ensure that such do not exist within your infrastructure. This might involve training, you should make that investment if necessary.

2. Ensure that computer systems are patched regularly.
Does your operating systems vendor still provide security updates for the all the computers you use? Windows 7 and Windows Server 2008 are still widely used operating systems, even though they first hit the market in 2008/2009 period. General maintenance for these two operating systems actually ended in 2015 and both are now on extended support which is scheduled to end in early 2020. This might seem far, but the only thing that this time is really useful for now, is planning how you are going to migrate off these operating systems if you are still on them. Incidentally, unpatched Windows 7 desktops formed the highest number of systems compromised during the WannaCry attack. Have a policy in place to ensure that every computer has the latest security patches.

3. Ensure that you have a proper anti-virus policy in place.
Several anti-virus solutions are able to stop a wide range of attacks that might be possible, even on patched systems. Web browsing habits or social engineering attack via email might result in the infection of a single machine, which could then spread to others within your network via network shares and other valid internal means of data exchange, if not stopped.

4. Ensure that points of presence from your organisation to the internet go through a firewall.
Modern firewalls are a critical component of your network infrastructure. Using these, access to parts of the internet commonly used to distribute malware can be restricted. Attempts by outsiders to penetrate your network using various means can also be blocked.

5. Ensure your staff are properly educated on security issues.
Individual browsing habits, bringing USB drives of questionable source into the office, downloading attachments from emails of unknown or questionable source… These are all ways in which individuals can contribute to your infrastructure being compromised. Only proper education will give them an understanding of what such risky behaviour can cause and the knowledge to avoid these and other areas of risk.

6. Have defined and tested backup and recovery procedures.
Always, always… did I say always.. have regular backups. Anything still on the server does not count in this case.

With the recent leak of highly advanced attack tools into the public domain, it has become extremely important for every organisation to give IT infrastructure security the importance it deserves.

Stay safe.