Products > Security
Hackers hold a city hostage!
james_s:
No, it's never the lesser of two evils. Paying the ransom, negotiating with terrorists, it's legitimizing their tactics and encouraging it and anyone who does so should face punishment. I don't care what the alternative is, by the time someone like that has you over a barrel it's too late.
Berni:
Well security is not a easy thing to do.
New exploits are constantly found in software, so something that is considered pretty secure today might be vulnerable tomorrow. The IT staff have to constantly be up to date on the latest security trends and upgrade the servers as needed. It's not so easy to isolate a machine on a network. The clients will often want extra functionality and as this happens again and again there is more crap running on servers, and that crap wants to talk to other stuff etc..
But its not all about security, if someone is determined enough they can get in. Its more about having a backup of all critical systems. If a machine is important enough to be worth paying $10 000 or more to unlock it from ransomeware then that machine must have a full backup log somewhere in a safe place. And most importantly a backup need to be tested to work. It happens all too often that backups are in place, but when shit hits the fan and the machine has to be restored from a backup, it then turns out the backup image doesn't work.
madires:
The damages including paying a ransom might be covered by an insurance policy. Increasing IT budgets is the right starting point, but the money has to be spent reasonably. Buying one expensive big box doesn't magically provide security. The IT infrastructure needs to be migrated from a single large LAN to cooperative islands to limit any impact of malware. Apply appropriate security practices. Backup, backup and backup! Train users on basic security and asking IT support if unsure about anything. Train IT staff on best current security practices. Set up network monitoring to spot problems early and check logs.
orion242:
--- Quote from: madires on June 21, 2019, 09:25:08 am ---The damages including paying a ransom might be covered by an insurance policy.
--- End quote ---
Since you have no idea who your paying, you cannot be sure your not funding terrorists or others under sanctions. Don't expect insurance to hand out cash blindly, it won't happen.
Electro Detective:
If serial cheapskate corporats don't want to employ and or pay good IT staff decent money to carry their problems 24/7, |O
then let them pay out more on the Rware instead, >:D
and pray the accountants can do something about the loss. :horse:
--- Quote from: orion242 on June 21, 2019, 09:54:46 am ---
..Since you have no idea who your paying,
you cannot be sure your not funding terrorists or others under sanctions..
--- End quote ---
But you can be 99.9% sure of funding disgruntled employee/insiders, >:( :rant:
shafted ex IT personel and or suss temp fill in geeks,
or a partner with expensive bad habits that wants to financially cripple the business
so one of his mates or rels, or his irate loan shark can buy it for a box of donuts. >:D
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version