Logo of aikux.com GmbH - please select images or download images
   

Ransomware: what can I do about the threat of encryption?

  
 

Dear Customer

Due to the current situation, we are revisiting the subject of extortionate encryption software (ransomware), because this is where the threat to IT security from malware, but also from individual misconduct, is particularly evident.

Companies whose data has been almost completely encrypted have also been affected among our customers!

The administrators in companies themselves can subconsciously become the greatest danger. Out of ignorance or recklessness, the Internet is then used with an administrative account or work on the computers and in the network. It's not a new finding that In this case, an attack hits a company network with all the more severity.
 
A nasty and painful surprise! The damage and loss of time can be significant.
How could this happen ...?

The current attacks with ransomware make it urgently necessary to adapt the way of working in the company to this new danger and to change course now.

Hence our urgent recommendations:

  • Check the rights of the account you are using and assign a maximum of normal user rights for daily work
  • Downgrade the administrator account and create a new account with administrator rights
  • Use a privilege system: ie no longer assign rights directly to users, but to applications: everything could actually work with "guest rights" (keyword: Power Broker)
  • Dare to switch to the white list principle! Only allow the applications that you know! This procedure should be used in parallel with the use of a good virus scanner.
  • Set proper rights on the file system level: Because only where the attacked user can get access can it be encrypted!
     

An enlightening and deep Insight into their current authorization situation on your fileserver offers you already the free trial of the software we have developed migRaven, Try it! Free demo version for download

On this topic we would like to deepen ours authorization workshop recommend. You will get to know and understand the correct and proper allocation of access rights as the basis of all data security. aikux.com offers this one or two day workshop on the topic of file server permissions.


With kind regards,
the aikux team

 

More on this topic:


Access Rights Management (ARM) with 8MAN Enterprise:
 http://www.aikux.com/produkte/8man-enterprise/

Lumension® Application Control:
http://www.aikux.com/produkte/application-control/

migRaven - The Fileserver Authorization Tool:
http://www.migraven.com/ 

 

More from aikux.com:

We've moved!

Our new rooms are only about 2 km away from the previous location in Oldenburger Straße. The telephone numbers have remained the same, please use our new address for correspondence:

aikux.com GmbH
Alt Moabit 59-61
10555 Berlin / Germany 

The aikux video portal:
 http://www.aikux.com/videos/ 
 
Blog: Permission, Migration, Replication:
http://www.fileserver-tools.com/
 
Feedback on the aikux newsletter:
 http://www.aikux.com/newsletter/

 
 

aikux.com GmbH
Old Moabit 59-61
10555 Berlin / Germany
 
Tel: +49 (30) 8095010-40
E-Mail: info@aikux.com 
 
HRG: District Court Berlin (Charlottenburg)
HRB no. 131727
Managing Director: Thomas Gomell

  
     
 

This mail was sent to: info@aikux.com sent.

To unsubscribe, please use the following link:
http://www.aikux.com/abmeldung/