AI Responsibly with ndMAX
According to Cisco’s “2021 Cyber security threat trends” report, the biggest threats in 2020 were cryptomining, phishing, trojans, and ransomware. These last two are types of malware — a term short for malicious software.
In their research, Cisco found that 50% of organizations encountered ransomware-related activity, and 48% found information-stealing malware activity.
The bottom line is malware is common, and no organization is immune. It’s up to your team to learn about malware and the best ways to prevent an attack from victimizing you and your clients.
Malware is a term for illicit programs or scripts that infect computer systems to exploit, disable, or damage a device or network. It’s common for people with ill intent to use malware to:
Types of Malware
Part of what makes malware difficult to fight is the sheer amount and variety of it. Malware includes:
These different types of programs all take advantage of chinks in your system’s armor. Because of this, your team needs to recognize potential vulnerabilities in your networks and related computer systems and use the best possible tools to prevent successful attacks.
It’s a bit of a misnomer to say “prevent” malware attacks. You can’t stop someone with nefarious intent from trying to cause harm. What you can do is take steps to identify malware attacks and block them from damaging your organization and clients. You must recognize and address your physical and cybersecurity vulnerabilities.
You’ll need the right tools to do that.
You’ll want to consider software at multiple levels. On one level, you’ll want a program to combat malware specifically. For example, antivirus software can monitor your systems, recognize an attack, and block it.
On another level, you want to consider each software solution your organization adopts. Every solution should offer security features, such as multifactor authentication, custom user access rights, data encryption, and more.
Each piece of software your organization uses will need updates. It should evolve and offer better security over time. It’s best if your team develops and follows a process for identifying, testing, and implementing updates as soon as possible.
One benefit of relying on a SaaS vendor is that it handles hardware and software upgrades for you and the other tenants with minimal or no service disruptions for your users.
You should carefully determine who can access particular data and physical equipment. This goes for team members, guests, and anyone off the street. No one should be able to walk into your offices and gain access to a computer. And not every team member needs access to all of your sensitive and confidential information, no matter how trustworthy they are.
A helpful security concept is the least privilege model, also called the principle of least privilege or least access. Every person on your team should have the minimal number of permissions or access rights they need to do their job and no more.
Minimal access also includes limiting administrator accounts. Many forms of malware obtain the access privileges of the user they invade. Unnecessary admin accounts offer too much access, whereas non-admin accounts keep malware from sensitive information or aspects of your network because the compromised accounts don’t have access rights to that data.
Another factor is a robust bring your own device (BYOD) policy. Address how and on what devices your team members access their work. Individuals who use personal phones, laptops, and tablets for work can create vulnerabilities that are difficult for you to see and control.
As for the devices you provide your staff, limit application privileges. You shouldn’t allow your team members to download anything and everything they want on work phones and laptops.
Authentication is another multilayered tool against malware. Start with education first. Your team should understand why all of these practices — as annoying as they may seem — are important. Helping them appreciate benefits for creating strong passwords, using a dedicated password manager, and turning on multifactor authentication can improve their adoption of these defenses. Other options may be third-party identity providers and even biometrics such as a fingerprint.
It’s important to monitor all the user activity in your system. Not because your organization doesn’t trust its team, but because suspicious activity can be a sign that malware has infiltrated through your defenses. You should be aware of ordinary, baseline user behavior and be on the lookout for unusual activity.
One way to protect your information is by working with a secure document management system (DMS). As a leading cloud-based DMS, NetDocuments offers top-of-the-line security measures to reduce your vulnerabilities and help keep you safe from malware. Our platform enables you to follow best practices, like the principle of least privilege. We also prioritize staying up to date on the latest malware threats and deploying security patches whenever necessary.
NetDocuments also features ransomware detection for documents that are synced to local devices. By detecting items that are being changed rapidly or when items are quarantined by local antivirus, our ransomware circuit breaker automatically disables the sync back to the platform so that any further manipulation is prevented. Our document snapshots and versioning also make reverting those unwanted changes simple to roll back. It is easy to both purge the affected content and get you back to a clean state quickly. Although this feature was primarily introduced to combat ransomware, any mass infection of documents synced locally would be detected using the access and quarantine pattern monitoring.
Learn more about how NetDocuments complements your organization’s security measures.
