Both Microsoft and the vendor Tenable have addressed the question of how to better protect corporate environments against cyberattacks and ransomware infections in blog posts. I have summarized the relevant information in the following post.
Microsoft's advice on hardening the environment
In the blog post 7 ways to harden your environment against compromise, Microsoft not only links its Microsoft Compromise Recovery Security Practice (CRSP), but also provides seven tips for improving security.
- Patch faster
- Actively protect devices
- Reduce attack surface from the Internet
- Reduce privileges for users
- Leverage the power of the cloud
- Reduce "technical debt"
- Look at your logs and respond to alerts
These are generalities, and the details can be read in the linked article. On the "patch faster" point (within 48 hours if possible), I had written something about that in the blog post Microsoft touts top-notch monthly Windows update efficiency. And regarding the smart advice from point 7 to look at the logs, I refer Exchange administrators to the following tweet.
Looks like Microsoft needs to start with itself and clean some things up.
Tenable hints on ransomware protection
I came across the following tweet from security provider Tenable, which suggests 6 steps that can protect against ransomware attacks.
This document provides the following six tips on what to do to protect against ransomware attacks.
- Scan all IT systems frequently for signs of ransomware
- Harden and specially protect Active Directory (AD) against attacks
- Reduce privileges of users in the IT environment
- Prioritize, because you can't patch everything
- Eliminate vulnerabilities in IT – but completely
- Measure the measures via appropriate metrics
Details on the individual points can be found in the linked document.