Ransomware is not something that only happens to other businesses.
Ransomware is malicious software that criminals use to hold your computer, network, and data hostage, demanding payment from you to get them back.
Ransomware is not science-fiction. It is becoming increasingly damaging for businesses around the world.
Your business can’t succeed without your IT infrastructure. If you want your business to succeed, you have to protect your business from ransomware.
If you fail to protect your business from ransomware your business will be controlled by extortionists.
Ransomware leads to loss of data, revenue, and customers.
Who is the target of ransomware?
Any business or organization that depends on access to critical data and can’t afford to lose access to it.
Here is how to protect your business from ransomware:
Backup Data Often
Ransomware often encrypts your data. What that means to you is that if you don’t have a recent backup of your data, you are in trouble.
One of the simplest protection against ransomware is frequent backups. How frequently you need to backup your data depends on your business.
Ask yourself: How often does my data change?
If your data changes daily, you need daily backups. If your data rarely changes, you might be able to get away with less frequent data backups.
Your backups must be secured. At the least, you have to have one offsite copy of your data. Either through a cloud backup service or an external drive, stored offsite.
Backup your data in three different places:
- Your file server (If your files are in the cloud, this should be done by your cloud service provider.).
- Local backup (You should store a copy of your local backups offline.).
- Mirrors of your data in the cloud.
In the case of a ransomware attack, your backups will help you recover almost immediately.
Crypto ransomware punishes those businesses the most that fail to backup their data.
The low cost of backup solutions makes defending your data easier than ever.
Key point: Regularly check to make sure that your backups are working.
Keep Software Updated
There is no protection from ransomware without regular software updates.
At the very least:
- Make sure that Windows is updated.
- Keep all plugins up-to-date
- Automate updates
- Create a patch management update
Protect with Browsers
Chrome and Firefox are constantly updated. Install plugins to block ads. Installing a pop-up blocker could greatly decrease attacks.
Show Hidden Files
Ransomware prefers to use hidden files. It is best to show hidden files. It makes it easier for you and your users to see suspicious files.
Users like autorun because it simplifies the user experience. For better malware protection disable autorun.
Windows Scripting Host (VBS) is a useful feature, but it makes computers more vulnerable to malware. VBS is used to download more damaging malware to your computer. It is best to disable VBS engine.
Restrict User Permissions
Some ransomware can browse and encrypt data on mapped drives. Therefore, it is important to restrict user permissions.
Install a Second Browser
Ransomware could damage your primary web browser. It makes sense to install a second browser.
Malware can also slow down your browser. Even worse malware could destabilize make your browser completely unusable.
There are many different browsers for your business to use. We prefer to use Chrome and Firefox.
To make your browsers more secure, consider installing the following:
- Script blockers.
- Pop-up or ad blockers.
- Web filters.
Also, make sure that you are always using the latest version of your browsers.
Filter Executable Files
It is important to have your IT department filter your email servers for executable files. The bottom line is that your mail server should not allow .exe files into your network.
Emails sent with .exe attachments should be discarded.
If your users need to share .exe files use a cloud file-sharing service such as dropbox or Google drive.
Use Security Software
Every computer on your network should run a malware/virus defender.
There is no substitute for user education about ransomware. Train your users not to click on suspicious emails. Tell your users to delete all emails that arrive from an unknown sender. Create and share a cheat sheet to show users how to protect their computers.
Once a computer is infected it must be disconnected ASAP from your network.
Disconnect the computer from wifi and hardwire connections until the ransomware has been resolved.
Disconnecting can prevent further damage.
photo credit: Self portrait in my hoodie