Watch Demo×
×

See NinjaOne in action!

Securing a Financial Services Firm and Bringing it Back into Compliance

ransom

Photo by Burst

Ransomware Infection Reveals Bigger Problems For Financial Firm

In addition to paying ransom fees to retrieve locked files, inadequate security protection puts a financial service firm out of compliance with industry regulations.

For more than seven years, Anthony Oren has been the CEO and tech maven of Nero Consulting, an MSP and technology consultant in New York City that specializes in providing cloud-based solutions and business continuity strategies for a flat monthly fee to businesses of all sizes and industries.

One of the biggest trends Oren has seen impacting a majority of companies in recent years is the exponential increase in cybersecurity threats — especially ransomware, which the FBI says has become a $1 billion problem. “By the time some companies reach out to us for help, they have no choice but to pay the ransom to get their data back,” he says.

That was exactly what happened to a 15-person financial services company recently. Although the firm used a popular consumer cloud backup service, the only way data could be recovered was one file at a time. “It would have taken a week or more to restore their 100,000-plus files,” says Oren. “At that point, it was more economical to pay the fine, which was about $1,200 USD or 2฿ in bitcoin currency, and get it back from the criminals, which took about two hours.” Thankfully, the firm’s story doesn’t end here. The incident presented a good opportunity for Nero Consulting to show the company that this incident was a symptom of a much bigger problem, which required what Oren calls a tech Ninja’s expertise.

Weak Security, Poor Network Configurations Are Top Vulnerability Culprits

After helping the financial services firm recover its data, Nero Consulting convinced the firm to undergo a full network assessment. Not surprisingly, the exercise revealed several red flags right away. “They were using free antivirus software on all their computers,” says Oren. “Not only is it a violation of the end user license agreement [EULA], these stand-alone products offer only remedial security protection, and there are no alerting features or visibility into problems until it’s too late.” Another problem Nero Consulting discovered was that the firm’s network was wide open, making it easy for an infection on any endpoint to quickly spread to other endpoints connected to the network.

What both of these findings pointed to, says Oren, was that the firm would have been out of compliance with newly formed industry regulations, such as 23 NYCRR Part 500, which took effect March 1, 2017. The regulation stipulates New York state’s cybersecurity requirements for financial services companies with 10 or more employees and generating at least $5 million in gross annual revenue, which were criteria the client met. “The regulation requires each firm, referred to as Covered Entities, to develop and implement written policies and procedures designed to ensure the security of their information systems and nonpublic information that are accessible to or held by third-party service providers,” he says. “Each Covered Entity also has to conduct a risk assessment and show it has the appropriate security controls in place.”

Mitigate Future Ransomware Threats With A Ninja Managed Security Services Offering

After helping the financial services firm discover the gravity of the situation, the MSP presented the firm with a comprehensive managed security solution. “In addition to offering to help the client develop security policies and procedures, we recommended our managed security services offering to protect their IT systems and data,” says Oren. “We use a bundled solution that’s built around Ninja MSP’s remote monitoring and management [RMM] solution, Webroot next-gen endpoint protection, Datto backup and disaster recovery [BDR], and TeamViewer remote control software. Using the NinjaRMM agent, we’re able to remotely deploy antivirus, antimalware, and other apps. Plus, Ninja enables us to create security policies and enforce them on the backend. Ninja also integrates with our other managed services products, which allows us, for instance, to see server alerts and malware attacks from NinjaOne’s portal instead of having to log into multiple portals. Not only do we become aware of problems before our customers in many cases; we can often fix a problem before it causes any productivity loss or other concerns.”

Oren acknowledges that no security protection is 100 percent bulletproof, but with a good BDR in place, it’s close. “Should this client ever suffer another ransomware infection in the future, we have backup files and images of their data saved locally and in the cloud that we can retrieve. The BDR solution takes file and image snapshots every 15 minutes, which allows us to be precise when performing a rollback. Our BDR solution also performs regular restore tests automatically and takes a screen shot of the results, so we don’t have to wait for an actual emergency to know that it works. By protecting our client with Ninja MSP’s proactive network monitoring solution, our managed network security solutions, and a BDR solution, the firm no longer has to worry about contacting a cybercriminal to buy its data back should it ever suffer another breach. Plus, the customer is now compliant with state security regulations, which makes the investment well worth it to them — and it’s satisfying for us to play a key role in their peace of mind.”

Next Steps

Building an efficient and effective IT team requires a centralized solution that acts as your core service deliver tool. NinjaOne enables IT teams to monitor, manage, secure, and support all their devices, wherever they are, without the need for complex on-premises infrastructure.

Learn more about NinjaOne Endpoint Management, check out a live tour, or start your free trial of the NinjaOne platform.

You might also like

Ready to become an IT Ninja?

Learn how NinjaOne can help you simplify IT operations.

NinjaOne Terms & Conditions

By clicking the “I Accept” button below, you indicate your acceptance of the following legal terms as well as our Terms of Use:

  • Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms.
  • Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party.
  • Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library belonging to or under the control of any other software provider.
  • Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations.
  • Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks.
  • Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script.
  • EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).