Don’t Let your Network Become Hostage to WannaCry

The WannaCry cyber attack has reached 150 countries (and still counting), which will leave its mark for months and years to come. As the damage is still being sorted out, one story is most prominent –  the story of unpatched devices being connected and having access to the corporate networks.

To think that with one simple action of patching a well-known “Eternal Blue” vulnerability by Hot-Fix released by Microsoft two months ago, organizations were able to delay dramatically the spread of the malware and to a degree even stop the ransomware worm from end-point to end-point.

It’s such a shame that even today, after so many cyber-attacks have hit organizations, they still fail to adopt a very simple but powerful approach to control the risk of devices connecting to the corporate network and especially via remote, VPN access.  Not making intelligent, threat and risk oriented access decisions leads to finding a huge exploit in the backyard of organizations. One simple decision, based on one click, that defines access policy – “do not let in unpatched devices” will make the difference between being cyber-breached and humiliated and being safe and undisrupted.

How can organizations address these critical steps of devices entering the network? One example of a solution that can make the difference without additional configurations, rules or signatures, is Portnox CLEAR. CLEAR is a cloud-based, Security-as-a-Service, which allows organizations to monitor, detect and manage device risks and vulnerabilities along with managing end-point access to corporate networks by remote or local access.

Powered by machine learning, CLEAR constantly analyzes hundreds of different endpoint parameters, including the state of patches for the operating system and for multiple applications installed on a device. In the case of detecting an unpatched system, “Eternal Blue” missing patch, as an example, CLEAR will immediately, in real-time, notify the security officer or IT manager about the high level of risk. If needed, it will even block access for such a device to the network. This will be done in default, no changes to the configuration, and without any additional cost (CLEAR is a SaaS system) to the organization. With Portnox CLEAR, there is an immediate benefit of detecting and removing from the network vulnerable devices that could make your organization potential ransomware victims.

It is clear that ransomware is a complex problem with many different aspects of cyber defense, which requires a wide coalition of multiple products and technologies to fight a kill chain of a cyber-attack. End-point risk and access management should be the center and front of this cyber defense effort.

Take these steps now to remain safe and not allow attacks such as WannaCry to get to your network!