The NYDFS released this notice yesterday. While they are issuing the alert concerning the heightened risk of cyber attacks from Iran, nothing in this notice is new. The list is basic hygiene steps your company should already have in place:
- Patch
- Multi-factor/two-factor authentication (it makes me sad how many companies call us and admit they don’t have two-factor turned on for O365)
- Have a DR plan (and please test your backups, don’t just assume you can restore). Recovering from encrypted drives is not the time to create the plan.
View Press Release on NY DFS Issues Alert Here
Patching
If turning on automatic updates is not possible for your organization, and patching is overwhelming, review the CVE database for the software (and hardware) you are using. Prioritize from the top down. I’m going to take an educated guess and give you the list for the top vulnerabilities we keep coming across:
- List of Adobe vulnerabilities on the CVE website
- List of Microsoft vulnerabilities on the CVE website
- List of Java vulnerabilities on the CVE website
Multi-factor / 2FA
If you are using Microsoft Office 365, review this link on setting up and enabling multi-factor authentication for your Office tenant. Your O365 administrator will need to enable this. There shouldn’t be any cost to this.
Backup
When was the last time you tested a restore? If your IT operations are outsourced, in addition to the reports you receive of the number of files backed up, ask the provider to prove restores work. Monthly, request a restore of a document or spreadsheet. This proves the process works. Ask the provider what their plans are in case of a ransomware outbreak. Are the backups disconnected from the live system? If the current backup process copies files to an attached USB drive or network share, those destinations are vulnerable when the ransomware breaks out. A copy of your backup files must be detached to be truly protected.
As always, contact OCD Tech today with any questions.