Heya folks, Ned here again. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) just released their updated #StopRansomware Guide with a number of new contributions from Microsoft, including a substantial section on hardening SMB and remote file services.
See page 8 and 9 for the new SMB and remote file services recommendations. If you've been following my blogs and articles for the past few years, they should be familiar.
The guide is substantial but very readable and full of practical advice for IT shops of all sizes. In their own words:
"These ransomware and data extortion prevention and response best practices and recommendations are based on operational insight from CISA, MS-ISAC, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI). This guide was developed through the U.S. Joint Ransomware Task Force (JRTF). The JRTF, co-chaired by CISA and FBI, is an interagency, collaborative effort to combat the growing threat of ransomware attacks.
The audience for this guide includes information technology (IT) professionals as well as others within an organization involved in developing cyber incident response policies and procedures or coordinating cyber incident response."
It was a genuine pleasure to work with the dedicated civil servants who created this guide. It also highlighted that we need to consolidate, expand, & modernize our SMB and file services documentation at learn.microsoft.com. I've started a substantial project with my technical writing team and will have more news on this in a few months.
Until next time,
Ned Pyle