Preventsomware

The team assesses your organization's IT systems in the context security  of your business functions, environment, staff, customers, web  presence, and intellectual property. We use current threat intelligence  providing further context to the organization's security needs. This  assessment takes several hours for most small businesses some of which  are done on site. The activities include scanning systems for  vulnerabilities, checking WiFi and network configurations, inventory of  IT systems, and interviewing key staff about security procedures and  practices. 

The assessment yields information about the current condition of the  systems, reveals vulnerabilities, and indicators that guide steps to  remediate flaws and mitigate vulnerabilities. It serves as a baseline  from which cybersecurity defenses are built upon. It also provides  insight into the costs associated with the steps that will follow. The  corrective measures taken from the baseline system and network status  often result in more favorable business insurance costs due to the decreased liability the company presents. 

Business systems are vulnerable to many threats when they are not updated promptly. Our process includes the updating of all operating systems,  firmware, and software patches. Where possible, update processes are configured  to automatically check and update from vendor sites during non-business hours. 

Updating and applying patches are the first steps in securing  information systems as many vulnerabilities are mitigated with updated  software. Many updates bring improved functionality as well as security. Your information and business systems are protected from attacks that threaten non-updated systems which represent the industry's low hanging fruit. 

Our technician installs Nord VPN on the systems identified as business essential with a focus on laptops and mobile devices. The VPN hides and encrypts your data traffic.

The VPN ensures end to end encryption, hides your IP addresses, and  hides all traffic passing to and from the protected devices. Hackers who  are looking for vulnerable devices cannot see VPN protected devices  which excludes them from being targeted. 

The technician begins the backup onto the chosen physical storage media  as well as cloud services. The backup is configured to run automatically  at policy driven intervals, usually three or four times a day for files  in use and semi-weekly backup of the entire organization's data. Cloud  storage typically backs up instantly while a file is in use. 

All of your data is duplicated in two forms, physical and cloud based  media. This ensures systems can be restored from the point of the latest  backup. Using two different media builds in redundancy that is  necessary to ensure a failsafe recovery. Should the physical storage be  damaged, restoration can be done via the cloud backup. If the cloud  backup is corrupted or unreachable, your physical storage provides a  solid recovery source. Recovery is guaranteed using these varied media  in combined redundancy. In the cybersecurity industry, redundancy is a  strength rather than an inefficiency. 

Our technician installs Heimdal Enterprise Security on business  essential systems and configures the product to connect to We Know  Cyber's monitoring service. Our staff monitor your dashboard and provide  status updates weekly or whenever there is an incident that requires  attention. 

Continuous monitoring is among the very best practices a business can  implement. It provides our professional cyber analysts information about  the health and security of your systems. Our monitoring streamlines  your security by providing automated processes that are managed in our  secure lab in Newark, Delaware. It ensures they can act in your defense  at the very first sign of danger from malware, suspicious activity, and  ransomware attempts. You don't have to wonder if your data is secure.  You'll know it is and we'll take action immediately to stop all threats  to your business and its valuable information and systems. 

Our technicians visit your site and duplicate the physical backups including system images (entire systems that can be recovered in minutes). This backup is transported to your alternate site or protected in We Know Cyber's fireproof, waterproof, secure vault located in our Newark, Delaware lab.

This procedure follows the 3-2-1 backup model that provides the strongest redundancy to protect your business data. That model includes 3 backups using at least 2 types of storage media (cloud and physical) and 1 physical copy stored off-site. This way if the cloud provider encounters an outage or is otherwise unavailable, there is a physical copy available on-site to restore systems and information. If the on-site physical backup is unavailable as well, the off-site copy can be returned to the site to recover systems and information. The typical off-site backup is performed monthly but can be more frequent depending on the business needs. Off-site backups on a monthly basis does imply that the most recent changes to systems and information since the date of the off-site copy must be rebuilt from other sources. In most cases, these changes become available once the other sources become available again.

Most ransomware attacks against small businesses use products bought on the Darkweb. Our team monitors these products and markets and acquires decryption keys to unlock our customers' data. We Know Cyber maintains a library of ransomware products available on the Darkweb and holds the tools and keys to unlock your data, if necessary. Additionally, we have powerful tools in store and our decryption machines work day and night in our Newark lab cracking encryption at a rate of 12 trillion hashes per second on newly released ransomware products. Let us do the heavy lifting while you run your business. In most cases, there is no need to decrypt files, since Preventsomware processes provide the very best resources and tools to prevent the threats from ever taking hold of your systems and information. 

In rare cases where the data cannot be safely recovered, negotiation  with the ransom holders can be an effective way to decrease the impact  of the attack on your bottom line. Our team speaks in terms that  attackers understand and often capitulate to half or less of the  original demand. 

Few businesses maintain cryptocurrency reserves so we make it possible  to pay a ransom using We Know Cyber's crypto accounts and wallets. You  don't need to get entangled with crypto exchanges simply fund the ransom  and we make the exchange. We maintain the ability, but we have never  once needed to pay a ransom.