- 2 Minutes to read
Protecting the Data
- 2 Minutes to read
The most common threats to your data are:
- Insider threats
An insider threat occurs when individuals close to an organization who have authorized access to its network intentionally or unintentionally misuse that access to negatively affect the organization's critical data or systems. For example, careless employees who don't comply with their organizations' business rules and policies can cause insider threats by inadvertently emailing customer data to external parties, clicking on phishing links in emails or sharing their login information with others. Contractors, business partners and third-party vendors are the source of other insider threats. Some insiders intentionally bypass security measures out of convenience or ill-considered attempts to become more productive. Malicious insiders intentionally bypass cybersecurity protocols to delete data, steal data to sell or exploit later, disrupt operations or otherwise harm the business.
In a ransomware attack, the victim's computer is locked, typically by encryption, which keeps the victim from using the device or data that's stored on it. To regain access to the device or data, the victim has to pay the hacker a ransom. Ransomware can be spread via malicious email attachments, infected software apps, infected external storage devices and compromised websites.
- Viruses and worms
Viruses and worms are malicious software programs, also called malware, aimed at destroying an organization's systems, data and network.
- Other, such as phishing, malvertising, and botnets
Most of these threats can be neutralized by an efficient IT team working in tandem with a security officer.
Preventing Insider Threats
The list of things organizations can do to minimize the risks associated with insider threats include limiting employee access to only the specific resources they need to do their jobs and training new employees and contractors on security awareness before allowing them to access the network.
Each company needs to establish their own criteria for preventing insider threats.
Preventing Ransomware Attacks
To protect against ransomware attacks, users should regularly back up their computing devices and update all software, including antivirus software. Users should avoid clicking on links in emails or opening email attachments from unknown sources. Victims should do everything possible to avoid paying ransom. Organizations should also couple a traditional firewall that blocks unauthorized access to computers or networks with a program that filters web content and focuses on sites that may introduce malware. In addition, limit the data a cybercriminal can access by segregating the network into distinct zones, each of which requires different credentials.
Regular back-ups mean that after a ransomware attack, you can restore the system to a point-in-time before the attack. CTERA has incorporated ransomware protection that doesn’t wait until after an attack but can detect an attack at the beginning and then stop the attack, so that a minimal number of files are affected and require restoring to a point-in-time before the attack.
For details, see Ransomware Protection.
Preventing Viruses and Worms
To reduce the risk of data security threats caused by viruses or worms, companies should install antivirus and antimalware software on all their systems and networked devices and keep that software up to date.
CTERA Edge Filers include built-in antivirus protection. For details, see Antivirus Protection.
For details of antivirus protection, see Managing Virus Protection in CTERA Portal.