Long gone are the days when hardware failures due to flooding, fires, or lightning were the biggest threat to your agency's IT posture. Ransomware and malicious hackers have arrived, and their attacks on Public Safety and Government agencies are only increasing across America.
Caliber has seen the damage that these devastating attacks can cause, and we urge all agencies to take action to ensure you are following technology best practices for network and physical security and that you have a disaster recovery plan in place.
Disaster Recovery
Data Backup – Caliber highly recommends that all agencies take a strong interest in their data backup and recovery procedures.
QUESTIONS TO ASK WITHIN YOUR AGENCY:
- Does the agency have a CAD Database Backup?
- What backup contingencies are in place?
- Does the agency have an offsite copy of the database, either on a physical device or in cloud storage?
- Are we prepared to recover from a Ransomware attack?
Best Practices
- Backups: ***Most Important*** The most effective way to handle ransomware attacks is to be prepared for one. Use the 3-2-1 backup rule: keep at least THREE separate versions of data on TWO different storage types with at least ONE backup stored offsite. If you are not confident that your CAD system is properly backing up, or if you need setup assistance, contact Caliber Support today: techsupport@caliberpublicsafety.com
- Patch Vulnerabilities: Reduce the vulnerabilities in your operating systems, browsers, and other applications by routinely applying all available updates.
- Educate End Users: Add cybersecurity awareness to your training calendars and regularly ensure that your staff can identify and avoid common security pitfalls, such as clicking on advertisements or links, or downloading attachments, in emails where they do not know the sender or are not expecting an attachment or link from the sender.
- Secure or Eliminate Remote Desktop Access: 64% of ransomware attacks in 2019 relied on RDP (Remote Desktop Protocol) as their initial entry point to a machine. While Remote Desktop is built into most versions of Windows and is convenient to use, there are many 3rd party tools available that provide adequate security. If you absolutely must use Remote Desktop, ensure that the RDP ports are not open to the internet, that access is restricted based on IP or MAC address, and that token-based authentication is required for access. *Caliber staff will never ask for RDP access to your environment. As part of our service, we utilize a secured remote access appliance, Bomgar.
- Employ Email Filtering: Second to Remote Desktop Access, 30% of malicious attacks start with your inbox. Enable strong spam filters on your mail server to prevent phishing emails from being delivered and authenticate outbound emails to prevent email spoofing. Additionally, scan all incoming and outgoing emails to detect threats and filter all executable files from ever reaching end users.
- Logically Separate Networks: Mitigate data loss in the event of a ransomware attack by separating your networks according to task or department.
- Consider Using an Intrusion Detection System: Cut off ransomware attacks in their early stages using continuous monitoring to detect signs of anomalous or malicious activity in real-time.
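The 3-2-1 rule from the Backups item can be checked against a backup inventory. The following is an added example, not Caliber code: the CSV layout, the copy names, and the `max_age` freshness policy are assumptions, and the inventory is constructed sample data in which the production database counts as one of the three copies.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed inventory (not real data): one row per copy of the CAD database.
INVENTORY = """\
name,media,location,last_success
cad-prod-db,disk,onsite,2024-05-14T02:00
nas-nightly,disk,onsite,2024-05-14T03:10
tape-weekly,tape,onsite,2024-05-12T01:00
cloud-archive,cloud,offsite,2024-03-01T04:00
"""

def check_321(inventory_csv, now, max_age=timedelta(days=8)):
    """Return a list of 3-2-1 findings; an empty list means the rule is met.

    max_age is an assumed policy: a copy whose last successful run is older
    than this is treated as missing, because it cannot restore current data.
    """
    findings, fresh = [], []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        age = now - datetime.fromisoformat(row["last_success"])
        if age > max_age:
            findings.append(f"{row['name']}: stale ({age.days} days old), not counted")
        else:
            fresh.append(row)

    media = {r["media"] for r in fresh}
    offsite = [r for r in fresh if r["location"] == "offsite"]
    if len(fresh) < 3:
        findings.append(f"only {len(fresh)} current copies, need 3")
    if len(media) < 2:
        findings.append(f"only {len(media)} storage type(s), need 2")
    if not offsite:
        findings.append("no current offsite copy")
    return findings

if __name__ == "__main__":
    for finding in check_321(INVENTORY, now=datetime(2024, 5, 14, 8, 0)):
        print("FINDING:", finding)
```

On paper the sample inventory lists four copies on three storage types, but the offsite job stopped succeeding weeks earlier, so the check reports that no current offsite copy exists.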
Caliber Hosted Solutions
Caliber solutions at Nlets data centers have been designed with N+1 redundancy across all platform components so that no single point of failure exists. All servers are virtualized to allow for rapid recovery from server failures. The Nlets data center is designed to meet the standards of a critical infrastructure services data center with fully redundant power, network, and environmental controls. For all solutions in the Caliber Public Safety cloud, Caliber is taking full database backups weekly as well as incremental database backups every night. In addition to the traditional database backups that are continually occurring, real-time database replication is in place 24/7 to redundant data centers. Site-level Disaster Recovery (DR) plans are in place, allowing business continuity of the cloud solutions in the event of a datacenter level failure.