As days go on, business continues to run as normal, until the unexpected intrusion or hack occurs. These hacks can compromise servers and valuable data that are essential for a business to run. Being able to determine these vulnerabilities and resolve them before a problem occurs, is a matter that ConexNet takes very seriously.
Recently ConexNet responded to a Ransomware attack for a Chicago based Sign company. Simply restoring the VM's to a time prior to the attack was not sufficient, as we looked to understand why the problem occurred in the first place. This included limiting remote access by closing ports from the outside via the gateway, resetting user domain passwords, and eliminating any vulnerable workstations (such as old and undocumented XP machines). We also quoteda much needed update of Symantec Endpoint Protection for all workstations and servers, as anti-virus adds an additional level of security that cannot be overlooked. The final suggestion we provided was a new gateway device with built in services that are built to prevent advanced security threats from the outside.
This situation is another example of why ConexNet recommends a certain way of doing things. Being able to fix a bad situation is great, but being able to prevent one from happening is even better!