Ransomware-Protection

Fighting Ransomware by enhancing
NTFS Access Control Policy & Security

Ransomware attacks have become an epidemic, and the traditional ways of fighting such attacks can no longer be relied upon to detect and block them. Organizations trying to fight such attacks use AV solutions to scan the following:

  • Incoming emails and attachments
  • Employee end-point machines (e.g. laptops)
  • Files downloaded from the cloud

However traditional AV products can no longer be relied upon to detect and block ransomware attacks, because they rely heavily on signature-based databases to identify and block malware. They can prevent known threats but fail to safeguard a network against unknown threats and zero day attacks.

 

Cybercriminals have developed new techniques to disguise their malware by encrypting or modifying it as a method of disguise so they will not match most vendors’ virus signatures database. This leaves your business vulnerable and at risk.

 

If ransomware circumvents an AV vendor’s product, it can silently encrypt files and directories until it completes its task. Ransomware can potentially infect all shares a user has access to including cloud storage locations.

As opposed to trying to detect and mitigate the ransomware attack on the users’ end-point machine, Safe-T Secure Data Exchange (SDE) enables organizations to deploy a centralized solution to block ransomware attacks when they try to encrypt the organization’s NTFS data stores.

 

This solution allows mitigating any type of known or unknown ransomware attacks, whether they exist within the organization or will hit in the future.

By deploying SDE, organization gain the benefits of a complete enterprise file sync and share (EFSS) solution which provides users controlled and managed access to the organization’s data, and at the same time, preventing crypto lockers and other ransomware attacks from hitting the organization’s NTFS.

 

The solution is completely transparent to the end user, and is based on Safe-T’s SecureStreamTM  policy and workflow engine, which enforces the following policies and control:

  • Prevent copying un-allowed files into a NTFS, by performing a TRUE TYPE check
  • Prevent modifying file types and format, by performing a TRUE TYPE check
  • Verify the integrity and authenticity of files worked on
  • Control the allowed encryption type, file size and type
  • Control the number of allowed files being copied
  • Ensure file manipulation is done only through SDE
  • Track and store file hash for faster file check
  • Track and logs all user actions
  • Automatically backup all manipulated files for future use
  • Integrate security solutions (AV, scrubbing) into any file transfer flow

diag

Request a demo

Safe-T Secure Data Exchange Brochure 

Register For Our Webinar

Safe-T Secure Data Exchange Ransomware Protection Solution offers the following benefits:

  • Hide enterprise services from the Internet
  • Block ransomware when they try to access files
  • Protect against any ransomware including Zero-day attacks
  • Full access control and policy enforcement on any file stored or manipulated
  • Seamless integration with organization file systems and AD
  • Simple, centralized, and client-less solution
  • Full logging and auditing of any file manipulation or action
  • Protect all storage types – network file storage locations, FTP/SFTP, cloud storage solutions, databases, document management applications, etc