Randtronics Logo

Strengthening Ransomware Resilience

Preparation is the best defense

Chances are that your business will be hit by ransomware attacks at some point, its time to get 'digitally vaccinated' to minimise the potential harm

Ransomware Resilience

Ransomware attacks are not going away anytime soon, hence every organization needs to enhance its digital immunity.

Perpetrators have every incentive to increase their activities and continue to innovate their forms of attack.   Ransomware attacks can occur remotely as a result of downloading malware,  or can occur when an attacker gains access inside an organizations network.   

Despite the innovations in form, the basic ransom tactics remain simple and crude – get inside the targets’ defenses, grab a hold of something sensitive and apply pressure until target pays. 

Ransomware attacks might not be going away but astute organizations can take steps to transform this risk from a potentially devastating crises to an on-going but low-level annoyance.

Achieving strong ransomware resilience means building capabilities to:

a) minimizing risk of initial attack, through perimeter defences such as staff training in digital hygiene, email scanning products, firewalls, antivirus/anti-malware software and penetration testing, and

b) mitigate the impact of attack, by boosting your digital immune response to defeat the attack and minimize the opportunity for material harm


Two layers of defence for building ransomware resilience

Ransomware attackers, once they have secured a foothold, typically seek to apply coercive commercial in one of three ways:

  • Encrypt + Deny – encrypt the targets data, or temporarily disable some or all systems.  Pay to have them released.
  • Covertly Corrupt – change data in ways that are potentially damaging to the business in a manner that is hard to detect.   Pay to have the changes highlighted or reverted
  • Steal + Release – steal sensitive data and threaten release. Pay or find yourself on the front-page of tomorrows news

Boosting your digital immune response

Because no line of defense is ever perfect it is also essential to create a strong second line of defense which by analogy forms the organizations’ digital immune response which can be broadly categorized as three supporting capabilities:

  • Purge – detect and eliminate malware and persistent hackers
  • Protect – limit the damage any attacker can inflict within tolerable range
  • Restore – reliably return systems and data to a known state

As a specialist in enterprise encryption, Randtronics’  particular contribution to enhancing your Ransomware resilience is protect your data and minimize the opportunity for an attacker to exert coercive pressure during a ransomware attack.     

Randtronics DPM via the DPM easyCipher provides the means to:

a) encrypt sensitive data in files, databases and folders 

b) tightly control who has the ability to access data in the clear, limiting access to explicitly authorized application and users, and restricting access to all others including privileged users

Step 1: Install DPM easyCipher agents on servers, laptops or Kubernetes containers holding sensitive data: files, databases or folders

Step 1. Encrypt Sensitive Data

Step 2: Define policies that limits access to decrypt data to explicitly authorised users and programs

Step 2. Minimize Attack surface by restricting all but explicitly authorised users

Result: Air-gap separation between your sensitive data and all but those users and programs granted explicit access

DPM easyCipher providing air-gap separation from sensitive data for all but explicitly authorised users

Latest news and articles

Goodbye, Tina Turner

Sad news this week that the Queen of Rock ‘n’ Roll has exited the stage. Many of us at the Randtronics team grew up hearing

Read More

Our Customers

Letter from the CEO

Rantronics Logo

Thank you for visiting the Randtronics website.

We make enterprise encryption easy.

Smart businesses already know that only encryption can reduce the attack surface and stop the hackers from stealing their sensitive data. A company that only uses encryption is more secure than a company with all other cyber security measures. Privacy standards such as PCI DSS, HIPAA, and GDPR are all mandating in law the protection of the citizen’s personal data. Fines for breaches are huge. You won’t get fined if your firewall is hacked. You won’t get fined if you suffer a virus or ransomware attack. You WILL get fined if you lose ANY personal data pertaining to ANY citizen. The lowest common denominator is the DATA. Data that is “Encrypted” is out of the scope of the Law.

Whilst all understand the need to protect sensitive data holistically (such as NIST Cyber Security Framework or 12 prescriptive PCI DSS guidelines) their cyber security priorities are misguided to say easy aspects and not addressing “what happens” when these fail? Encryption of data is the only direct protection measure that renders data unreadable compared to upgrading firewalls or virus and malware, IPS, log monitoring, etc. I am saying you need all methods but unless you have implemented enterprise grade encryption you are still unprotected like driving a car without “seatbelts”. “Enterprise grade encryption” as a cyber measure is the “seat belt” that saves lives in car accidents. Industry experts predict a relentless continuation of data breaches this year and penetration testing have proven perimeter defense is easily penetrable.

Randtronics has taken the challenge to make encryption easy and is innovating in many areas. We have already reduced deployment effort to days, use familiar standard components so that less skilled people can deploy and maintain systems.
I welcome discussions via email or phone as through your feedback we will be challenged to continue to innovate to the point where businesses and users do not need to be intimidated when using encryption as the worlds most powerful tool to protect their sensitive data.

Experts predict data breaches will continue at relentless pace, let Randtronics secure your business with “Enterprise grade ubiquitous encryption technology”. Time is of the essence. Why not be pro-active? I invite you to let Randtronics and its global distributors and resellers assess and assist your business directly.

Yours sincerely,
Bob K Adhar, BE, MBA, CISSP
Founder and CEO