MELANI, Swiss national Cert organisation, just published warning about the risk of ransomware for medium and small companies. All the infection cases, which MELANI analysed, showed a lack of based IT Security.
Under the identified weaknesses are at two really catastrophic: lack of anti-virus software and not maintaining offline backups. And two which are sadly very common too: ineffective patch and life-cycle management and lack of network segmentation; and excessive user privileges.
Here is the list of weaknesses published by MELANI: lack of anti-virus software or ignoring or not taking seriously anti-virus warnings; poorly protected remote access procedures; ignoring or not taking seriously notifications from authorities; not maintaining offline backups; ineffective patch and life-cycle management; lack of network segmentation; and excessive user privileges.
Keine Kommentare:
Kommentar veröffentlichen