From one IT professional to another, I understand your frustrations all too well. I’ve been there, for 16 years now. One day you walk into work, and everything is blissful. And on the next, some foreigner who can barely write English decides to blast an email out to your company with the title “Fedex Packege – Open File to Detales”. One email gets through your filter, and it only takes one person to open the attachment (even though you’ve told them countless times not to open attachments) and just like that, your week has gone from blissful to stressful. People start calling one by one. Your instincts kick in, and you know immediately that you have a problem; your network has been compromised. Of the 500 systems you support, where should you start first?
So, you run the gambit and do the dance…
- Locate the infected system
- Determine which files have been corrupted/encrypted
- Restore data from backup
- Reimage system, setup, install LOB apps and return to end user
After two days of running crazy, here are a few questions to ask yourself:
How much stress and time did this one email cause you?
How much did the interruption cost your business?
What can you learn from the experience to improve your security posture so you’re ready for the next time?
This tale is all too common these days. If you’re like most IT professionals, you’re performing multiple roles. Between support and project work and trying to keep your end users and/or customers happy, you already have your hands full.
WatchPoint offers a Threat Detection and Response Service. Our service will detect and alert you to the intruder immediately, allowing you to see exactly where they were able to get in and exactly what damage has been done, if any. We can then stop the intruder by isolating and deleting any mal-intended files. And lastly, once we understand how the intruder was able to gain access, we’ll update our threat intelligence to better detect future threats.
For more information: CLICK HERE