Your IT Department

Protect Your Firm Against Zero-Day Attacks

Protecting your business against the latest cyber threats should always be a top priority. Updating antivirus and patching your operating system is a great way to start.

However, antivirus and patches work like immunisation, they protect you against viruses that we already know about. But what happens when a cyber threat appears that hasnโ€™t already been seen.

Security threats that exploit previously undiscovered vulnerabilities in the computer are known as zero-day attacks. The name “zero-day” is designed to imply how long since the vulnerability was discovered. The term also indicates that system developers have had zero days to fix it.

A newly discovered attack might be packaged into a computer virus or worm. This will allow it to spread far and wide while inflicting the maximum amount of damage possible.

Eventually a cure will be found and then we can immunise against it in the future. But, when spread successfully, a new exploit has the potential to reach hundreds or thousands of computers before an operating system or anti-virus update can even be issued.

The good news is that there are ways in which we can protect your business or lessen the damage from zero-day attacks.

Preventative security

A Watchguard Firewall. Firewalls are your first line of defence against zero-day attacks

The number one way to mitigate the damage from any attack to your system is to prevent it from happening in the first place. Maintaining a good firewall and up-to-date antivirus is the best step you can take to ensure the security of your system. This is like making sure all your immunisations and jabs are up-to-date.

A firewall, monitoring traffic in and out of your network, reduces unauthorised entry over the network. Even without knowing the exact nature of the attack, suspicious activity travelling in and out of the system can be stopped.

The same is true of modern Antivirus. Even when it cannot identify the specific zero-day attacks from its virus database; it may be able to identify malicious intent from learned behaviour in the system.

A Locked Down Network

Should a zero-day threat make it into your network, our next goal should be to limit its effects. Because we restrict user access to only essential files and systems, we can limit the damage done to the lowest number of systems.

Good security policy dictates that each account should only have access to the systems needed to complete that particular user’s job. For example, users from the accounts department shouldn’t have access to sales department databases.

Businesses are often concerned about implementing these kinds of policies, thinking that it looks like they donโ€™t trust staff. But using these types of policies means damage of a single compromised account is limited to only the network area it operates in. As a result the impact is reduced and remedial actions are easier.

Good Data backup

Whether your entire network has been exploited or only a small area has been affected; good data backups are your protection against any major lasting damage.

Ensure your backups conform to the 3-2-1 standard. 3 backup copies, using 2 different media types with 1 copy kept off-site.

Image showing the 3-2-1 rule for backups. 3 backup copies, using 2 different media types with 1 copy kept off-site.

Having a good backup is not just about creating regular backup copies of your data. It also means having the procedures in place to restore this data quickly and efficiently.

Reliable and well-tested backups are worth their weight in gold. Knowing your data is safe and your system can be recovered is, above all, peace of mind against even the most highly destructive zero-day attacks.

Advanced Threat Protection (ATP)

As the name suggests Advanced Threat Protection provides additional protection which goes above normal antivirus and email filtering. One of the areas they offer greater protection against is zero-day attacks.

The ATP service we utilise with our clients is Barracuda Advanced Threat Protection (BATP). This is an integrated cloud-based service that consists of multiple layers of threat detection, combined with machine learning techniques.

Each detection layer is designed to progressively eliminate threats at different levels of severity and complexity.

The service also analyses inbound email attachments in a separate, secured cloud environment, detecting new threats and determining whether to block such messages.

Full Cover Protection Against a Zero-Day Attacks

Used in combination these techniques can prevent, protect, and mitigate against the kinds of threats that even the top security firms haven’t patched yet. We think it’s important to keep your firm secure whatever it might come up against in the future.

How We Can Help

Here at Your IT Department we provide cyber security as part of our Managed IT Support contracts and as standalone services.

If you need support getting ahead of the cyber criminals then contact our experts today! Call us on 0115 8220200 or completed our Contact Form.

Bonus! FREE eBook & FREE Cyber Security Assessment

We offer a FREE cyber security assessment. Find out if your business needs one with our eBook โ€˜Does Your Business Need A Cyber Security Assessmentโ€˜