10 Things I Know About… Ransomware Protection
10. Backup files every night.
If you can access yesterday’s files, then there is no need to pay to unlock them today.
9. Patch automatically.
Make sure operating systems software on all devices (phones, tablets, laptops) and browsers are patched automatically with security updates.
8. Update software.
Make sure your endpoints and network devices are running the latest antivirus and anti-malware software.
7. Use the toolkit.
Implement email and web security tools that analyze email attachments, websites and files for malware and can block potentially compromised advertisements and social media sites that could be infected.
6. Whitelist.
Deploy application whitelisting, which prevents unauthorized applications to be downloaded or run.
5. Replace passwords.
Use strong passwords and have users change them every 90 days. Do not re-use the old passwords.
4. Prevent infestation.
Segment your network using VLans, so an infection in one area cannot easily spread to another.
3. Watch attachments.
Don’t open suspicious attachments in emails, even from people you know. This will help mitigate risk.
2. Inspect devices.
Deploy Mobile Device Management (MDM) technology which can inspect and block devices which do not meet your standards for security (no client or antimalware installed, antivirus files are out of date, operating systems need critical patches, etc.)
1. Train your users.
People are the most vulnerable link in your security program, and you need to plan around them. You must implement user awareness training so employees are taught to not to click on email attachments or download files.
This article was recently published in Worcester Business Journal.