It’s no secret that email is a common attack vector for cybercriminals. Email communications are common, and creating a strong email forgery isn’t overly difficult. Most email attacks are delivered via email. For that reason, it makes sense to have a strong email-security-and-filtering solution in place.
You can’t just stop with strong filtering. Some emails still slip through, even with the best email security products in place. This is where other defenses come into play. For starters, try to set your systems up to disable suspicious links and block fishy attachments (such as those with hidden executables in a compressed file). You could also set rules to block specific extension types, like .exe files, to further reduce the risk of someone accidentally downloading malware.
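The attachment rules described above can be sketched as a small filter. This is an added example, not code from the original post or from any SolarWinds product; the extension list, the depth and size limits, and all function names are assumptions made for illustration. It checks each attachment's extension and also looks inside zip archives, including nested ones, for blocked file types.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy values for this example; adjust to your own rules.
BLOCKED_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".bat")
MAX_DEPTH = 3                   # refuse to unpack deeper nesting
MAX_MEMBER_BYTES = 20 * 2**20   # refuse to inflate very large members

def blocked_names(name, payload, depth=0):
    """Return every name in `payload` that breaks the extension policy."""
    hits = [name] if name.lower().endswith(BLOCKED_EXTENSIONS) else []
    if not zipfile.is_zipfile(io.BytesIO(payload)):
        return hits
    if depth >= MAX_DEPTH:
        return hits + [f"{name} (nested too deep)"]
    with zipfile.ZipFile(io.BytesIO(payload)) as archive:
        for info in archive.infolist():
            # Encrypted or oversized members cannot be inspected safely.
            if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER_BYTES:
                hits.append(f"{name}!{info.filename} (uninspectable)")
            else:
                inner = blocked_names(info.filename, archive.read(info), depth + 1)
                hits += [f"{name}!{hit}" for hit in inner]
    return hits

def scan_message(raw_bytes):
    """Check each attachment of a raw message; an empty list means deliver."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return [hit for part in msg.iter_attachments()
            for hit in blocked_names(part.get_filename() or "unnamed",
                                     part.get_payload(decode=True) or b"")]

def make_zip(members):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for member, data in members.items():
            archive.writestr(member, data)
    return buf.getvalue()

def constructed_sample():
    """Constructed message: a zip hiding an .exe plus a nested zip."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    inner = make_zip({"run.js": b"// constructed"})
    outer = make_zip({"invoice.pdf.exe": b"MZ constructed", "more.zip": inner})
    msg.add_attachment(outer, maintype="application", subtype="zip",
                       filename="docs.zip")
    return msg.as_bytes()
```

Members that cannot be opened (encrypted or oversized) are reported rather than passed, since a filter that cannot see inside an archive cannot vouch for it.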
Another important countermeasure involves using a web filtering solution to block bad domains. If someone clicks a link that points to a URL that’s a known phishing trap, web filtering should prevent them from landing on the site. Web filtering helps regardless of how customers land on the site—whether they click a bad link from a search engine or receive a social-media-based phishing scam. SolarWinds MSP offers this with the web protection feature in SolarWinds RMM, which lets you leverage a list of bad domains as well as whitelist and blacklist your own domains.
Finally, make sure to set up your customers’ networks to prevent lateral movement if something does land, and to cordon off any areas with highly sensitive data or risky assets. It’s tempting to put everything on one network, but a little planning can help you contain damage if an attack occurs. Focus on the 20% of assets that will be most valuable, and keep them separate from the primary network. This way, if someone gets onto your main network, you can either keep them out or slow them down from getting to valuable assets, like important servers or backups. Just remember, security requires multiple layers, so protect your customers’ inboxes, but also try to think outside the inbox.
Today’s threats need the right tools
Cybercriminals certainly do innovate and try new styles of attacks; however, most threat actors use tried-and-true cyberattacks to hit their victims. With the right tools, you can fight back against the most common threats and earn your keep protecting your customers.
Note: This is part three of our National Cybersecurity Awareness Month series. You can read all the posts so far here.
SolarWinds Endpoint Detection and Response (EDR), powered by SentinelOne, is built to help you defend your customers against modern threats against their endpoints. By using artificial intelligence and machine learning, it can detect anomalies on the system and take policy-defined action on your behalf. Plus, in the event of a ransomware attack, SolarWinds EDR can automatically quarantine the file and roll the endpoint back to a known safe state, minimizing disruption to your clients. Learn more about SolarWinds EDR today.
Thomas LaRock is a Head Geek™ at SolarWinds.