The news today that Ransomware having infected systems within the NHS, with the consequences being patient care being potentially compromised, is a stark warning to all businesses that Cyber Breaches can happen anywhere.
The IT Systems that support the NHS will have multiple layers of defence however without effective patch management – which this incident appears to have been caused by, as well as good user awareness training, incidents can still happen.
With this in mind we would like to offer the following security advice to all of our customers to help you protect your IT systems and ultimately your Business.
- We strongly advise our customers to apply the following security update, released by Microsoft on March 14th this year: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396, if not having done so already.
- Ensure all Microsoft Critical and Security updates are installed for Windows and Office applications.
- Identify other software running on your computers and where possible download the latest versions. In particular free applications like Adobe Reader.
- Make sure you have a tried and tested data backup system in place and is protecting all of your data. Microsoft Windows and applications can be reinstalled but without a backup data can be lost.
- Make sure the Internet Security software installed on your computers – whether that’s McAfee, Norton, Bitdefender or another vendor, has all available updates installed and performs regular full systems scans.
- Ensure your network is protected with a correctly configured firewall. This firewall may also be performing antivirus scanning, content filtering and intrusion prevention.
- Make sure your email provider is performing anti-virus and anti-spam filtering on your emails to reduce the chance of you receiving malicious emails and attachments.
- Ensure all passwords on your accounts including email and banking are complex and do not contain easy to predict details like your name or date of birth.
- If your network has Wi-Fi enabled, ensure the security is strong including having a complex password and if possible does not grant access to your internal resources.
- Make sure your business has plans in place to not only protect your systems but also a contingency plan ready in the event that should the systems your business depends upon become available you know how to react to ensure continuity of operations.
If you would like to meet with one of our consultants to discuss any concerns you may have about your own IT Security or simply to ask how you may be affected by this breach, please call us on 0330 313 0243 and we will be happy to help.