The organization's operating systems and applications must be kept fully up to date, otherwise a cybercriminal could exploit an unpatched vulnerability to access systems and steal information.

Endpoints and servers must have appropriate security solutions, such as antivirus and EDR technologies, that help block the main threats that users suffer daily.

They should be backed up regularly, and hosted in alternative locations. Otherwise, a cyber attack could affect backups and render them unusable.

A robust password policy should be adopted, avoiding the use of easily guessable credentials. Likewise, the use of identity management solutions is recommended to facilitate its administration.

Two factor authentication (2FA) should be activated whenever possible. This limits the possibilities of a cybercriminal being able to successfully authenticate with passwords stolen and/or exfiltrated through information leaks.

Secure procedures for payment of invoices to suppliers must be implemented, validating all of them through a second channel, such as, for example, by telephone. The cybersecurity team should be alerted to any hasty changes in bank account numbers, so that they can investigate the suppliers' emails and identify possible identity theft. Likewise, special care must be taken with account changes in which the branches vary from country to country. This can be easily verified through the first letters of the IBAN. If you experience a CEO scam, immediately contact a cybersecurity service like Zerolynx to advise you on how to stop the scam and prevent it from happening again.

MDM solutions must be implemented to adequately control the organization's portable devices, such as mobile phones and tablets. Likewise, the installation of non-corporate applications and unofficial markets should be blocked to reduce the risk of installing infected APPs.

Before installing any new application, it should be reviewed in a test environment, in order to verify that it will not negatively affect the network or the stability of the environments. Once the tests are completed, said application must be deployed and maintained following corporate procedures.

Likewise, if you have lost any type of information from any of your computers or devices, try not to use unknown recovery solutions that may be advertised over the Internet. Many of them are adware, fake security tools that will try to steal your data or request money from you in the false hope of recovering your contents. Contact an expert forensic information recovery service like Zerolynx, which has the necessary tools to recover data on a multitude of devices.

Malicious emails and SMS must be controlled, carrying out awareness sessions to prevent users from clicking on links to access fraudulent pages, or downloading infected files. They are two of the attack methods most used by cybercrime.

Corporate computers should be automatically locked and prevented from being unlocked without the use of passwords or other authentication factors, in order to limit the theft of corporate information in the event of loss or theft.

The installation of pirated software should be prevented. These types of applications are generally infected by different types of malware and could open backdoors to cybercrime.

If you find yourself under a cyber attack, such as ransomware that is encrypting the computers on your network, try to modify the environments as little as possible, and never delete and reinstall the computers. Even having encrypted a large part of your fleet, it is possible to recover certain information from the disks and volatile memory. In addition, all systems store logs (data records), which will allow us to investigate what happened. In these catastrophes, always try to isolate the environments to prevent the threat from spreading throughout the network, and call an expert service like Zerolynx to deal with the contingency, help you find the entry route and carry out forensic studies. necessary, advising you, if necessary, in the judicialization of the case.