Best practices are key to preventing Ransomware exposure:
A commitment to best practices is critical to protecting your network against ransomware. It is essentially a commitment to running regular backups, vulnerability patching/updates, risk analysis, staff training, application whitelisting, incident response, business continuity and penetration testing if possible to proactively detecting any network vulnerabilities.
Read this Microsoft article about the recent ransomware attacks
Ask yourself these basic questions to get a feel for your potential level of exposure to an attack:
- Do we backup all critical information?
- Are the backup’s stored offline or in the Cloud offsite?
- Have we tested our ability to revert to backups during an incident?
- Have we conducted a cybersecurity risk analysis of the organization?
- Is our staff trained on cybersecurity best practices?
- How many staff members have administrative passwords or access?
- Have we implemented appropriate patching of known system vulnerabilities?
- Do we allow only approved programs to run on our networks?
- Do we have an incident response plan and have we exercised it?
- Are we able to sustain business operations without access to certain systems?
- For how long? Have we tested this?
- Have we attempted to penetrate into our own systems to test the security of our systems and our ability to defend against attacks?
What LANtelligence does to prevent exposure:
Here at LANtelligence our ShoreTel servers are set to run regular backups locally and then we store the backups off-site. We run the latest Operating System supported. Our servers and third party software are updated weekly. We are always running within a couple builds if not the latest build of ShoreTel software and associated OS patching levels. We run antivirus and malware detection software on ShoreTel servers. Our server is joined to the domain.
See official Shoretel Service Alert
Every ShoreTel system environment is different and unique but we can all do simple things to mitigate the risk of the system. We understand that not every system can be running the latest software all the time. Or there are some companies not running on domains or don’t have the license for the latest OS. What you can do though is regularly backup your system, keep backups off site, patch your servers and run antivirus software on your ShoreTel servers. If you have any questions about any of these items you can reach out to our Technical Assistance Center and we will be happy to review best practices strategy that meets your needs or if you know that you are ready to explore a solution to help you meet your backup and security needs, we can recommend Fortitude as a good starting point.