Home SecurityNetwork Security What your cyber insurance application form can tell you about ransomware readiness

What your cyber insurance application form can tell you about ransomware readiness

Source Link

It’s that time that I fill out the annual cyber insurance policy application. Each year it gives me an insight into what insurance vendors are using to rate the risks and threats to our business and what they are stressing I should have as best practices. Not having them in place could affect insurance rates and whether I qualify for cyber insurance at all.

This year was interesting because it asked for specific ransomware prevention techniques and protections. Here are the questions that stood out.

Is two-factor authentication in place?

My insurance vendor asked if I had two factor authentication (2FA) in place protecting remote network access. They are reacting to the reality that both virtual private networks (VPNs) and Remote Desktop Protocol (RDP) provide effective access for attackers as well as users. We sometimes leave behind remote access to get into physical and virtual servers, but attackers target these remote access tools to gain network access.

Configure Group Policy Objects that link to all domain controller organizational units (OUs) in a forest to allow RDP connections only from authorized users and systems like jump servers. Remote access for servers should be specifically set up as securely as possible.  

These days, our credentials are our boundaries. Having tools that validate credentials and provide additional protection is key to ensuring that attackers can’t gain access. Conditional access allows you to set up protections based on what the user is doing and mandates additional actions should the user be logging in to a specific role or from an unusual location.

I mandate 2FA for administrative roles but make it optional for uses logging in from previously vetted devices. Additional vetting is in place should the user log in from an unusual location. I recommend designing conditional access so that it balances the need of authentication prompts in a manner that asks for 2FA when the user is behaving in a manner that places the network at risk.

Copyright © 2022 IDG Communications, Inc.

Related Articles

Leave a Comment