Keep Software Updated
There is no protection from ransomware without regular software updates.
At the very least:
- Make sure that Windows is updated.
- Keep all plugins up-to-date
- Automate updates
- Create a patch management update
Protect with Browsers
Chrome and Firefox are constantly updated. Install plugins to block ads. Installing a pop-up blocker could greatly decrease attacks.
Show Hidden Files
Ransomware prefers to use hidden files. It is best to show hidden files. It makes it easier for you and your users to see suspicious files.
Users like autorun because it simplifies the user experience. For better malware protection disable autorun.
Windows Scripting Host (VBS) is a useful feature, but it makes computers more vulnerable to malware. VBS is used to download more damaging malware to your computer. It is best to disable VBS engine.
Restrict User Permissions
Some ransomware can browse and encrypt data on mapped drives. Therefore, it is important to restrict user permissions.
Install a Second Browser
Ransomware could damage your primary web browser. It makes sense to install a second browser.
Malware can also slow down your browser. Even worse malware could destabilize make your browser completely unusable.
There are many different browsers for your business to use. We prefer to use Chrome and Firefox.
To make your browsers more secure, consider installing the following:
- Script blockers.
- Pop-up or ad blockers.
- Web filters.
Also, make sure that you are always using the latest version of your browsers.
Filter Executable Files
It is important to have your IT department filter your email servers for executable files. The bottom line is that your mail server should not allow .exe files into your network.
Emails sent with .exe attachments should be discarded.
If your users need to share .exe files use a cloud file-sharing service such as dropbox or Google drive.
Use Security Software
Every computer on your network should run a malware/virus defender.
There is no substitute for user education about ransomware. Train your users not to click on suspicious emails. Tell your users to delete all emails that arrive from an unknown sender. Create and share a cheat sheet to show users how to protect their computers.
Once a computer is infected it must be disconnected ASAP from your network.
Disconnect the computer from wifi and hardwire connections until the ransomware has been resolved.
Disconnecting can prevent further damage.
photo credit: Self portrait in my hoodie