premiere pc circle logo

Q and A : Cyber Attacks

If you suspected your business was compromised by a cyber attacker, what would you do first to find help? If your first thought is to search online, what would your keywords be in the search?

We encounter this all the time and would like to offer some concrete suggestions.

First, contact a local IT firm that either specializes in cybersecurity instead of a local break-fix shop. Usually, you will be searching for Managed Service Providers. MSP’s are better suited to both understand and have the tools readily available to best assist you.

With any compromise, there are two immediate goals. Identify the ingress point and sever access. This process includes looking at your network equipment, servers, and computing endpoints.

Once the entry point has been determined and blocked, it’s time to complete a network forensics review. During this time, each machine is run through several virus and malware scans. In addition, we utilize a threat hunting service that can detect current and past malware footholds.

An often-overlooked part of the process is reviewing the firewall and server configuration to ensure no external access is permitted to internal systems. Eight out of ten times the main ingress point is a firewall rule allowing access to an internal server or other computing resource.

A common error is getting a compromised server cleaned, then putting it back into service too soon. Checking the network level rules before placing servers back in operation is a best practice to avoid more downtime or re-infection.

Ensure that all of your computing devices have next generation anti-virus solutions. Have an enterprise class router with active security services. Always use a VPN to access internal systems from outside instead of Remote Desktop Connections or other similar software, especially when dealing with PII or your own financial data.

Double check your backup policy and data retention rules. Test your backup with a fire drill at least quarterly. Use a company, like us, that offers fully managed backup with human monitors.

With a few simple steps, you can improve your security posture, mitigate your risks, and recover faster from an attack.

 

Managed IT Services

Computer and Network Support

Backup and Disaster Recovery

Cybersecurity

NIST Framework

Surveillance Systems

HIPAA Compliance

Communication and Productivity

Business Phone Systems

Enterprise File Sharing

Hosted Business Email

Email Compliance and Security

Get In Touch

16 W Pointe Blvd, Mauldin, SC
864.335.9223

Contact Sales | Open a Case

About

Meet the Team | Latest News

PremierePC Technology Group, LLC BBB Business Review

Greenville HIPAA Compliance

A fully integrated IT solutions provider for local business clients. Serving the Upstate of South Carolina including Greenville, Spartanburg and Anderson counties.
Physical Address: 16 W Pointe Blvd, Mauldin, SC 29662 | 864.335.9223 | Payment Remittance: PO Box 5293 Greenville, SC 29606
Copyright © 2006 – 2023 PremierePC Technology Group. All Rights Reserved. | Terms and Conditions | Privacy Policy

Secure File Sharing and Content Collaboration with Egnytepremiere pc circle logoCloud IconEmail Security, Compalince and Encryption