The Challenge
Providing managed IT services for small to medium size businesses across multiple verticals has its challenges, particularly when it comes to convincing them that they need to adopt newer technologies to protect against threats such as ransomware.
Some customers are not interested in IT, and they entrust JPC to take all responsibility to install the right products to protect their environments, while others have limited cybersecurity knowledge and are more focussed on saving money.
JPC General Manager and Solution Architect Ronny Johnsen explains, “with new customers we are able to build the right product portfolio to ensure maximum protection from cyberthreats. With legacy customers they often need to be convinced that they need additional layers of security, and unfortunately, they feel that older technologies such as Antivirus and Firewalls are going to offer enough protection. In many cases they don’t believe they are going to be a cyberattack victim until it’s too late.”
For JPC, the threat of ransomware is the most frightening, Ronny continues, “it doesn’t happen often, but it has major impact when it does. Over the years we’ve dealt with different attacks, one notable incident saw the Norwegian Police involved when critical data was lost during a ransomware attack. The attack impacted an old firewall at the customer site and a local on- premise server. A very important database was encrypted, as were the backups.
Recovery from that incident took around 2 years and it involved recovering data from a 12 year old backup. A very costly and frustrating experience that could have been easily mitigated with the right solution in place.”
The Solution
JPC regularly reviews new technology to ensure they are offering their clients the best solutions for today’s cyber challenges. Previously unfamiliar with anti data exfiltration technology, Ronny was introduced to BlackFog by a trusted advisor who recommended he review the solution.
“Ransomware is the number one concern we have and when I learned more about how BlackFog worked I was interested in to learn more and test it in our own environment,” commented Ronny.
The Approach
JPC tested the solution on their own internal devices and some customer servers. During the one month trial period they saw a lot of connections to countries like Russia and China.
“We had some surprising events during the trial when it came to outbound data flow, on one employee computer we even saw a fitness watch sending data back to China which was interesting! Being able to see the unauthorized data exfiltration and seeing BlackFog automatically take action to prevent it was really insightful.”
JPC noted that during the evaluation BlackFog detected suspicious behavior, such as connections to the dark web, which traditional cybersecurity solutions failed to pick up.
Ronny added, “BlackFog discovered some activities during the trial that we were able to investigate, it was clear to us that BlackFog would serve as a last line of defense and an additional layer when other solutions failed to detect and prevent threats.”
Following the evaluation JPC decided to add BlackFog to its own company devices and servers. BlackFog was also added as an additional layer to its cybersecurity suite for all new customers and an optional solution for its existing customers.
The Results
JPC still has challenges when it comes to convincing some companies that traditional perimeter based cybersecurity tools are not enough to prevent attacks, but for those that have adopted BlackFog there have been zero incidents.
Ronny concluded, “BlackFog is an important solution in our portfolio, and we feel safe and protected from ransomware by having it.
For MSPs or end users who think they don’t need it, my advice would be to give it a try, look at the event logs and see what’s really going on with your data flow, you will be surprised when you see what’s happening on your devices and your servers.
The info you see in the console will clearly tell you why you should be using it.”
Related Posts
Manufacturing Industry Faces Surge in Ransomware Attacks in 2024
Ransomware attacks on the manufacturing industry are rising, with notable cases at MKS Instruments, Brunswick Corporation, Simpson Manufacturing, and The Clorox Company. Learn about the financial and operational impacts and why manufacturers are prime targets for cybercriminals.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Enterprise Ransomware Protection: Why it Matters
Why must enterprise ransomware protection be a critical component of any firm's cyber security strategy?
TAG Blog Series 1 – How ADX Supports and Implements Policy
Implementing Anti Data Exfiltration (ADX) solutions is critical for enterprise security. This article provides guidance on establishing effective ADX deployment policies, with a focus on aligning them with business objectives and threat perceptions. Highlighting BlackFog's ADX solution, it explores proactive strategies to prevent data exfiltration, offering valuable insights for practitioners aiming to enhance their security posture.
5 Steps to Ensure Your Enterprise Data Security
Why do enterprise data security strategies need to evolve to cope with a new range of threats?
Ransomware Recovery: Key Steps Every Firm Should Know
What should businesses keep in mind in order to develop an effective ransomware recovery plan?