It’s time to prioritise IT hygiene.
Warnings about ransomware will likely continue in 2021. Yet a critical component of cyber security is still often overlooked in commentary about the topic.
This often-ignored component is the visibility of IT networks and endpoints – a pillar of IT hygiene.
Slow visibility of endpoints can result in lingering uncertainty about what data was compromised. A delay in determining the damage from an attack can leave people uncertain and exposed, destroying trust in an organisation.
In a time when digital transformation has leapt ahead and working from home has increased, it is no longer acceptable to rely on outdated endpoint management tools, policies and cultures. IT hygiene needs to step into the spotlight.
Ransomware makes a compelling use case for focusing on IT hygiene.
Ransomware often targets organisations with endpoints that expose Remote Desktop Protocol (RDP) to the internet. Automated brute-force attacks using common administrator usernames can provide access to these systems. Once successful, the RDP hosts can be used as a foothold to target the rest of the environment. Even if a victim manages to detect or prevent subsequent stages of the attack, failure to identify and resolve these vulnerable entry-points will leave the network susceptible to re-compromise.
This scenario highlights that most security issues are caused by a basic hygiene failure that could have easily been identified and corrected with the proper network visibility and tools, and simple user education.
Five steps you can take now to improve your IT hygiene
Are your security hygiene practises as strong as they can be? Is your organisation ready to withstand the next attack?
Here are five steps your organisation can take now to improve your IT hygiene:
- Assess your organisational obstacles. Are your security and IT ops teams working in tandem? If not, where are the areas of friction and how can these be addressed?
- Know your environment. If your CIO…