Ransomware Prevention

FIGHTING RANSOMWARE BY ENHANCING
NTFS ACCESS CONTROL POLICY AND SECURITY

Ransomware attacks have become an epidemic, and the traditional ways of detecting, blocking and fighting such attacks can no longer be relied upon. Organizations trying to fight such attacks use AV solutions to scan the following:

  • Incoming emails and attachments
  • Employee end-point machines (e.g. laptops)
  • Files downloaded from the cloud

However, traditional AV products can no longer be relied upon to detect and block ransomware attacks because they rely heavily on signature-based databases to identify and block malware. They can prevent known threats but fail to safeguard a network against unknown threats and zero-day attacks.

A CENTRALIZED SOLUTION TO BLOCK RANSOMWARE ATTACKS

Cyber criminals have developed new techniques to veil their malware by encrypting or modifying it as a method of disguise so they will not match most vendors’ virus signatures database. This leaves your business vulnerable and at risk.

If ransomware circumvents an AV vendor’s product, it can silently encrypt files and directories until it completes its task. Ransomware can potentially infect all shares a user has access to, including cloud storage locations. As opposed to trying to detect and mitigate the ransomware attack on the users’ end-point machine, Safe-T Software Defined Access enables organizations to deploy a centralized solution to block ransomware attacks when they try to encrypt the organization’s NTFS data stores.

This solution allows mitigating any type of known or unknown ransomware attacks, whether they exist within the organization or will hit in the future. By deploying Safe-T, organizations gain the benefits of a complete enterprise file sync and share (EFSS) solution which provides users controlled and managed access to the organization’s data. At the same time, it prevents crypto lockers and other ransomware attacks from hitting the organization’s NTFS.

COMPLETELY TRANSPARENT TO END USER
SECURESTREAM™ POLICY AND WORKFLOW ENGINE ENFORCES POLICIES AND CONTROL

  • Prevent copying un-allowed files into an NTFS by performing a TRUE TYPE check.
  • Prevent modifying file types and format by performing a TRUE TYPE check.
  • Verify the integrity and authenticity of files worked on.
  • Control the allowed encryption type, file size and type.
  • Control the number of allowed files being copied.
  • Ensure file manipulation is done only through SDE.
  • Track and store file hash for faster file check.
  • Track and logs all user actions.
  • Automatically backup all manipulated files for future use.
  • Integrate security solutions (AV, scrubbing) into any file transfer flow.

BENEFITS

  • Hides enterprise services from the Internet.
  • Blocks ransomware when they try to access files.
  • Protects against any ransomware including Zero-day attacks.
  • Full access control and policy enforcement on any file stored or manipulated.
  • Seamless integration with organization file systems and AD.
  • Simple, centralized and client-less solution.
  • Full logging and auditing of any file manipulation or action.
  • Protect all storage types: Network file storage locations, FTP/SFTP, cloud storage solutions, databases, document management applications, etc.