Protection From Malware

Protection From Malware 150 150 CloudGovCo

This malicious software is usually delivered through an innocent looking email attachment or an unpatched computer. For protection in the #cloud and #onpremises implement Security Awareness Training and:

  • Segment networks with Virtual Local Area Networks (VLAN)
  • Implement a zero-trust security framework
  • Classify data based on its sensitivity to loss using CIA (Confidentiality, Integrity and Availability)
  • Understand where important data is kept and create an effective backup strategy
  • Maintain an air gap to backup systems so they don’t become infected
  • Manage network switches out of band
  • Firewalls should quarantine emails with attachments that come from outside the organization
  • Employees should not open attachments from unknown people or addresses
  • Change default passwords across all access points
  • Use multi-factor authentication (MFA)
  • Data recovery programs should be in place and tested
  • Business continuity programs (BCP) should be in place and tested
  • Train staff to recognise suspicious emails
  • Apply software patches to keep systems up to date