- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Security specialists in LA that can prepare a company for a ransomware attack
Posted on 5/12/21 at 9:44 am to BottomlandBrew
Posted on 5/12/21 at 9:44 am to BottomlandBrew
quote:
We would have been up shite creek had we not had the backup. They got in to our server that runs our manufacturing plant and that would have been a nightmare to lose hundreds of in-process orders plus the tens of thousands of records of orders that we have to keep.
Great job!
You did it right.
1
Posted on 5/12/21 at 9:50 am to bluebarracuda
quote:
MIS out of Zachary
Is that you Mighty Joe?
Posted on 5/12/21 at 11:03 am to CAD703X
I'm not as dumb as I sometimes look. 
But really, I give all the credit to our IT company - shout out to Network Technology Partners in Nashville. They're great. They educated me on the possibility of it happening and set us up to be able to deal with it. They were very proactive, and truthfully, the cost is not that much. It's not a matter of if you get compromised, but when you get compromised. Better to have a plan and infrastructure in place for when the inevitable happens.
We had a competitor get hit late last year and they did not have a backup in place. They were on rocky ground before the attack, and the ransomware might be the thing that finally sinks their ship. They still haven't recovered five months later.
But really, I give all the credit to our IT company - shout out to Network Technology Partners in Nashville. They're great. They educated me on the possibility of it happening and set us up to be able to deal with it. They were very proactive, and truthfully, the cost is not that much. It's not a matter of if you get compromised, but when you get compromised. Better to have a plan and infrastructure in place for when the inevitable happens. We had a competitor get hit late last year and they did not have a backup in place. They were on rocky ground before the attack, and the ransomware might be the thing that finally sinks their ship. They still haven't recovered five months later.
This post was edited on 5/12/21 at 11:05 am
Posted on 5/12/21 at 11:21 am to BottomlandBrew
you're kind of THE BRAND here in town in your industry IMO anyway so it wont hurt to see a competitor fall on their face.
but it was smart of you to hire that company and they did a fantastic job in the way they structured your disaster recovery. i cant tell you how many times consultants we've worked with haven't delivered on promises made and information has been lost so kudos to not only promising you they could protect you..but delivering on that promise.
but it was smart of you to hire that company and they did a fantastic job in the way they structured your disaster recovery. i cant tell you how many times consultants we've worked with haven't delivered on promises made and information has been lost so kudos to not only promising you they could protect you..but delivering on that promise.
Posted on 5/13/21 at 12:03 pm to shawnlsu
quote:
Is that you Mighty Joe?
suffers short man syndrome.
Posted on 5/14/21 at 9:55 am to BottomlandBrew
quote:
The shite they fall for blows my mind
Anything that you send out that says they can win an iphone, ipad, Apple Watch, etc....multiple clicks
Posted on 5/14/21 at 9:58 am to BottomlandBrew
Yea Global Data Systems out of Lafayette can do similar services for you. At one point in time they had more CCNA/CCNPs working for them than anyone else in Louisiana. They also had one of the top 2-3 CCNPs in the country although I think he finally decided to take the huge money in Silicon Valley and run though.
Posted on 5/17/21 at 10:01 pm to diat150
Protecting a small business from ransomware is not overly complicated but you do need several layers of protection.
One, stop it from coming in with email filtering/protection and employee training to recognize phishing attacks.
Two, detect indications of compromise and disrupt its spread with endpoint detection and response (EDR) on your computer and multi factor authentication on your email accounts.
Three, have verified backup and recovery.
If you’re not already on it, move your company to Microsoft 365 Business Premium. In addition to all of the productivity tools, it also comes with an impressive suite of cyber protections as part of your subscription. It’s the best bang for your buck you’ll find. Depending on your risk tolerance, you can get away with just M365 or add some more robust protections.
My company specializes in small business cybersecurity and this is the approach we take for our clients. We’ve prevented and managed ransomware attacks, paid out zero in ransoms, and not lost any data in our 13 years. We have clients with cyber needs ranging from a mom and pop retail store to a DOD contractor that has to meet CMMC requirements.
I’m happy to sit down and look at your setup and make suggestions at no cost. So as not to feel like I’m spamming the board, shoot me an email to my username at gmail if you’re interested in talking more.
One, stop it from coming in with email filtering/protection and employee training to recognize phishing attacks.
Two, detect indications of compromise and disrupt its spread with endpoint detection and response (EDR) on your computer and multi factor authentication on your email accounts.
Three, have verified backup and recovery.
If you’re not already on it, move your company to Microsoft 365 Business Premium. In addition to all of the productivity tools, it also comes with an impressive suite of cyber protections as part of your subscription. It’s the best bang for your buck you’ll find. Depending on your risk tolerance, you can get away with just M365 or add some more robust protections.
My company specializes in small business cybersecurity and this is the approach we take for our clients. We’ve prevented and managed ransomware attacks, paid out zero in ransoms, and not lost any data in our 13 years. We have clients with cyber needs ranging from a mom and pop retail store to a DOD contractor that has to meet CMMC requirements.
I’m happy to sit down and look at your setup and make suggestions at no cost. So as not to feel like I’m spamming the board, shoot me an email to my username at gmail if you’re interested in talking more.
Posted on 5/18/21 at 7:47 am to PacLSU
Adding to PacLSUs good advice.
One, stop it from coming in via exploits by keeping your systems patched.
Two, disrupt its spread by practicing the principle of least privilege.
Three, the backup location should only be accessible by a special user account that is only used for backups.
I can't stress enough how important the principle of least privilege is in preventing the spread of ransomware. Ransomware inherits the the permission of the user that runs it. If that user has permission to every file on your network, then your entire network is fricked.
One, stop it from coming in via exploits by keeping your systems patched.
Two, disrupt its spread by practicing the principle of least privilege.
Three, the backup location should only be accessible by a special user account that is only used for backups.
I can't stress enough how important the principle of least privilege is in preventing the spread of ransomware. Ransomware inherits the the permission of the user that runs it. If that user has permission to every file on your network, then your entire network is fricked.
Posted on 5/18/21 at 7:52 am to diat150
Trace Security.
Posted on 5/18/21 at 1:42 pm to diat150
They used to have a group called NOLASec which was local professionals who would meet once a month to discuss IT security issues. One of the guys who ran that group used to be a client of mine, but he sold his company to a national company.
Posted on 5/18/21 at 3:16 pm to diat150
Posted on 5/18/21 at 4:27 pm to diat150
Ingalls Information Security LLC located in Alexandria. The founder/CEO is a friend and very experienced in the industry.
Posted on 5/19/21 at 5:23 pm to ArkLaTexTiger
Agreed.
Looks into the company called KnowBe4.
We are actively working with them now.
It's a tool to help teach employees how to detect phishing attempts.
LINK
Use MFA when possible.
Restrict users from having local admin access.
Do nightly backups. We love Azure. They offer system state and file/folder backups.
Try to go cloud based with limited on prem appliances.
Restrict USB ports on corporate computer.
Some companies have been requiring MFA for RDP access internally.
Looks into the company called KnowBe4.
We are actively working with them now.
It's a tool to help teach employees how to detect phishing attempts.
LINK
Use MFA when possible.
Restrict users from having local admin access.
Do nightly backups. We love Azure. They offer system state and file/folder backups.
Try to go cloud based with limited on prem appliances.
Restrict USB ports on corporate computer.
Some companies have been requiring MFA for RDP access internally.
This post was edited on 5/19/21 at 5:31 pm
Posted on 5/21/21 at 1:45 pm to diat150
quote:
I’m more concerned about being able to recover quickly. We are a small shop so I don’t think it makes sense to overdue it on the prevention but being prepared to recover imho would be more important.
I agree. Have regular backups and have the backups done by systems that cannot be affected by the ransomware, so not Windows. I have been involved in the recover efforts of a huge environment of physical and virtual servers and all was done by restoring the servers.
Page 2 of 2
Popular
Back to top
Follow TigerDroppings for LSU Football News