The non-profit IT industry trade association cautions that no matter how robust an organisation’s security measures, if employees aren’t aware of the potential threats, internal best practices, and protocols, the organisation is vulnerable to a ransomware attack.
As CompTIA explains, ransomware is a cyber attack that encrypts business information so that users can’t access the files, effectively locking the business out of its own systems and data, with the attackers then demanding a fee to unencrypt the data, returning the systems to normal.
Moheb Moses, co-founder, Channel Dynamics, and director, ANZ Channel Community, CompTIA, says “at a minimum, organisations should have adequate backup and disaster recovery plans in place”.
|
Moses says that channel organisations can play a key role in helping businesses protect themselves and managed service providers (MSPs) must help their clients and employees understand the threats they face and the methods they should follow to protect against those threats.
CompTIA has also identified the top three less-conventional but high-value measures that every MSP should consider offering their clients:
1. A comprehensive security assessment
2. Disaster recovery and backup plan development
3. End-user training.
“By covering these three areas, MSPs can help ensure their customers are protected from ransomware and similar attacks. Everyone who has access to a company’s email and business systems needs to know and follow standard best practices for preventing malware infections and data breaches,” Moses says.
“People remain the weakest link when it comes to securing networks. This makes end-user training one of the most valuable security measures a company can implement.”