- Posted by Alliance Technologies
Almost no one thinks about what they are going to do if their system gets hacked. Of course you want to stop the attack and restore your systems to a functional and secure state. However, this process is fraught with complexity.
How can you be sure that the hackers have genuinely been blocked from your system? Often, the first thing they do on gaining entry is put in new backdoors that are difficult to detect. And how did they originally gain access? Do you dare attempt to restore a system that has been proven to have vulnerabilities?
These are hard questions to face in the wake of a hacking incident, but there are four ways you can prepare your organization to come up with good, reliable answers before the incident even occurs.
Make Disaster Plans
Few organizations intuitively think of it this way, but getting hacked is just a kind of disaster. Your systems have been rendered inaccessible or unsafe; it’s not much different from having a flood hit your server room.
Establishing good disaster-recovery and business-continuity plans and practices can be a lifesaver for businesses that experience computer crime.
Layer Your Security Precautions
The biggest failing in most organizations is in relying on a single method of protecting their systems. Whether they are counting on a perimeter firewall or a client-based anti-virus system, there is almost never a fallback for when that single system is defeated. Everyone in technology knows that, sooner or later, a system without a backup will fail.
The best way to plan for a security breach it is to implement multiple layers of security. A server-based email virus scanner can complement client-based virus scanners; firewalls at each PC and server can provide an additional protection against the failure of the main perimeter firewall.
Educate Your Staff
Most compromises today are a result of someone with sufficient security permissions inside a network inadvertently executing malicious code. This can come from visiting an infected website, opening a virus-laden email attachment, or even just choosing an easily guessed password.
Although there are many automated tools which can help screen for these types of attacks, the signatures they run on are invariably behind the state-of-the-art methods used by hackers. The only sure defense is to make sure your staff know to avoid suspicious websites, don’t automatically click on certain kinds of email attachments, and have good password discipline.
Make A Lot of Backups
An increasing number of hacking threats rely not simply on stealing your data, but on threatening to destroy it as well. Worms search out vulnerable computers across the Internet,infect them, and encrypt all the user data so it’s inaccessible without a code.That code, the hackers will calmly inform you, will cost you tens of thousands of dollars to purchase from them.
The best way to defend against this sort of attack is to make sure you have alternate copies of that important data. Almost every business at least pays lip service to making backups today. Cloud-based services like Carbonite have made it simple to back up important data regularly without having to think about the process. But hackers are on to this defense; new encryption blackmail schemes rely on steps that will also attempt to encrypt the backup copies.
The best way to protect against these new worms is to store multiple backup sets, using different types of media. Few worms are smart enough to catch them all, and you never know when one might fail.
Each of these four steps requires minimal effort compared to the major strain of recovering from a successful hacking incident. Although none of them can be enacted overnight, it’s never too late to get started, and even taking small steps toward each can provide significant protection for your network and data.