All we have to decide is what to do with the time that is given us.
- Check for weak and reused passwords and enable multi-factor authentication (MFA). This critical step is one of the simplest steps you can take to protect your company. The BlackMatter gang (and other groups) are known to grab user names and passwords found in data breach dumps on the dark web. They try out every credential in an attempt to brute-force internet-facing systems and gain access.
- Be on alert for unusual activity. If your company is like most, your employees and contractors stick to daily work schedules, access the same files and use the same devices from known locations. Unusual activity — like logging in from a new location and accessing files that are not needed for work — can indicate compromised accounts or devices. Unusual activity, especially if it is associated with administrative and service accounts, should be investigated with high priority.
- Watch your data for signs of ransomware attacks. Ransomware doesn’t behave like your HR specialist or your accounting team. When ransomware is deployed, it will rapidly begin to encrypt files it can touch. The account activity may be associated with an employee, but it could be a compromised user account. An automated ransomware program will usually touch and change files sequentially and quickly, behaving differently than a human user.
- Take a data-first approach. Even with the explosion of endpoints, most data now syncs with and “lives in” large, centralized repositories on-prem and in the cloud. Since there are so many vectors to get to your data, even if you could anticipate and monitor them all, you’d drown in security alerts. Instead of starting from the outside in with all the endpoints and vectors, it’s much more practical to start by protecting your large, centralized repositories — and work from the inside out.
- Check for weak and reused passwords and enable multi-factor authentication (MFA). This critical step is one of the simplest steps you can take to protect your company. The BlackMatter gang (and other groups) are known to grab user names and passwords found in data breach dumps on the dark web. They try out every credential in an attempt to brute-force internet-facing systems and gain access.
- Be on alert for unusual activity. If your company is like most, your employees and contractors stick to daily work schedules, access the same files and use the same devices from known locations. Unusual activity — like logging in from a new location and accessing files that are not needed for work — can indicate compromised accounts or devices. Unusual activity, especially if it is associated with administrative and service accounts, should be investigated with high priority.
- Watch your data for signs of ransomware attacks. Ransomware doesn’t behave like your HR specialist or your accounting team. When ransomware is deployed, it will rapidly begin to encrypt files it can touch. The account activity may be associated with an employee, but it could be a compromised user account. An automated ransomware program will usually touch and change files sequentially and quickly, behaving differently than a human user.
- Take a data-first approach. Even with the explosion of endpoints, most data now syncs with and “lives in” large, centralized repositories on-prem and in the cloud. Since there are so many vectors to get to your data, even if you could anticipate and monitor them all, you’d drown in security alerts. Instead of starting from the outside in with all the endpoints and vectors, it’s much more practical to start by protecting your large, centralized repositories — and work from the inside out.
All we have to decide is what to do with the time that is given us.
Gandalf the Gray, Lord of the Rings
- 812 Atlassian subdomains checked
- 689 sites found (84%)
- The average number of public objects per account:
- The total number of public objects found:
- Potentially sensitive info: