Customer information segregated from any other systems is a great idea, the separation of functions and infrastructure is an admirable tactic in protecting all systems. Limiting security privileges to what is necessary for business is common in security defenses, and is something that is typically assessed when companies are close partners or are in a vendor/customer relationship.

Ron Schlecht

Categorized in : Top News

Zero trust always wins, you can't verify that they are who they say they are, so call them after the notification instead of interacting with an inbound call.

If you've been randomly selected for a big prize, vacation, or to enjoy great savings or if all of a sudden the IRS, Medicare, or Social Security Administration needs to get a hold of you for a warrant or penalty, take a deep breath and consider the legitimacy of the call.

The ransom should never be paid, paying the ransom rewards attackers, and propagates the issue. In addition, you don't truly ever know if the ransom will result in access to data or if the ransomware will be completely eradicated. Attackers could upcharge for more or come back later after they reactivate the ransomware.

It is viewed as a negative when an organization has been compromised, most organizations are compelled to report any type of compromise, but management may still see it as an indication of weakness that may negatively affect the organization.