Defending Against Ransomware: ACT’s Best Practices Guide
Ransomware has become an epidemic in today’s IT world. It has locked down hospitals, universities, small businesses, and individuals all over the world. Ransomware is malware that infects your computer by locking access to your files until you pay a ransom – usually in Bitcoin. The malware typically gets on your computer through a malicious email or website. Hackers can also deliver it straight to your computer if it’s already been compromised.
Ransomware is replacing credit card theft as the number one scam for cyber criminals. Unfortunately, antivirus software alone is not enough to protect you from this threat.
ACT recommends multiple layers of protection to defend against the latest risks. Here are some best practices to protect your network against ransomware:
- If done correctly, backups are the only guaranteed defense against ransomware. This goes beyond a periodic copy of your data. Best practices include snapshot image-based backups that are captured multiple times per day and kept securely both onsite and offsite.
- This is technology 101. Everyone needs to be running antivirus software on all their appliances…yes I said all. Desktops, laptops, iPhones, Androids, Macs, etc. Nothing is off-limits these days.
Firewall with UTM
- In the old days, firewalls were the doors that kept the bad guys out. The problem now is that end-users are clicking on malicious emails and websites unknowingly, opening the door and inviting them in. Many firewalls today contain unified thread management features (UTM) that provide a suite of protection against today’s threats.
Operating System Security Updates/Service Packs
- When was the last time your servers or workstations were updated? Microsoft is regularly releasing updates, patches, and security fixes to keep their operating systems up-to-date against vulnerabilities.
Email Security Software
- If you find yourself weeding through dozens of junk emails on a daily basis, then it’s time to upgrade what you are using for email security. Cloud based email security systems can stop threats before they ever make it to your company’s mail server. Spam, viruses, and malicious URLs are some of the easiest ways for ransomware to infect users.
Domain Name System (DNS) Intelligence
- DNS is the starting point for internet connectivity across all devices. Providers are now using DNS to secure networks in ways beyond the standard security products out there. This gives clients another layer of security across all platforms in their organization by protecting them from malware, botnets, phishing, and others.
- One quick and easy way to help reduce the risk of ransomware on your network is to limit employees’ access to the network. There are a number of ways to do this. For example, you can remove permissions to specific files and folders, lock down desktops, and remove administrator roles for standard users, just to name a few. Keep in mind that malware can only access what the infected employee has access to. Thus, limiting employee access minimizes the threats.
- Employees are the front line to most businesses. Any email they open, attachment they click, or website they browse could be compromising the business. Many ransomware attacks can be prevented through employee education and training. This can be as simple as creating handouts for employees to review periodically, or maybe an occasional lunch-and-learn session. Remember, know before you click!
Did I Mention Backups Backups Backups?
- Backups are so important that it has made the list twice. And don’t forget, the only way to truly know if your backups are working is to run a periodic test. Don’t wait until your network is compromised to find out that your backup may have failed.
So ask yourself: Is your business safe? Sign-up for a FREE security consultation to see how well your network is protected.