How to avoid ransomware attacks
It’s easier than you might think to avoid ransomware attacks. What’s more, a good data backup policy should mitigate the damage if they do occur. With that in mind, here is a quick guide to avoiding ransomware attacks.
Invest in a robust anti-malware product with a firewall
These days, the most effective approach is generally to use a cloud-based software product that handles both traditional malware-scanning (both for browsing and files) and a firewall. This gives you everything you need without the hassle of a major installation or the need for regular updates. With cloud-based security products, the provider simply deploys updates on the server and they are immediately ready for use. This approach lightens the load on both IT staff and local devices.
Make sure you are updating your operating systems and apps
Any device which is connected to the internet should use an operating system and apps which are still supported by their developers. All security-related updates and patches should be applied promptly. If you are struggling to manage this with your in-house resources, then get a managed IT services vendor to take care of it for you.
For completeness, if you still need to run devices with outdated operating systems and applications for specialist purposes, then keep them offline.
Control how people access your network
One of the reasons IT teams often prefer to have everyone working out of designated business spaces is because it generally allows them to exercise more control over how people access the company network. These days, however, it’s probably advisable for companies of all sizes to have at least a policy in place for supporting remote and/or mobile workers, even if they neither have any nor plan to have any.
In practical terms, the question is whether or not you need or want to enforce discipline by organizing access through a VPN or if you feel like “lighter-touch” policies are sufficient. As a rule of thumb, the more time employees spend working remotely/on the move, the more you should lean towards using a VPN.
The less time they spend working remotely/on the move, the more you might want to lean towards “lighter-touch” policies that require less effort to implement. The key is to make these simple for non-technical employees to understand. This means that the most pragmatic approach is simply to ban them from using free WiFi connections. If you’re going to take this approach, then you might want to think about taking steps to facilitate people paying for WiFi or using mobile data when they’re working on the move.
Restrict what people can do on your network
Being allowed to use the company internet for personal matters has increasingly come to be seen as an expectation rather than a perk. At this point, however, there’s a strong argument for companies taking a firmer line on this, although it’s probably wise to explain to employees just why this is being done.
The simple fact of the matter is that most malware, including most ransomware, is spread through either compromised websites or email attachments. Statistically, the more websites people visit and the more emails they open, the more likely they are to fall victim to malware, and if they’re using the corporate network at the time, then it’s the company’s data which is at risk. Remember, even the best security systems cannot guarantee 100% protection.
Given that most people now have smartphones and sometimes bring tablets as well, having network access is less and less likely to be a major deal for a lot of staff. If you think it might be, you could soften the blow by offering a “social” WiFi network they can access from their own devices and/or help with charging their devices at work.
Make sure you have an effective data storage and backup policy
The more sensitive your data, the more you should try to store it encrypted. This goes at least double for personally-identifiable data. In fact, this may be a legal/regulatory requirement. Storing data encrypted will not protect you against ransomware. The ransomware will just encrypt it again. It will, however, protect you from having to add data theft to your list of problems.
You also need to ensure that you are backing up data to two separate locations, one local and one off-site. Local data backups are very handy, but they are at a relatively high risk of compromise. With ransomware, for example, infected files are often automatically backed up locally, overwriting the healthy file.
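The overwrite problem described above can be avoided on the local side by writing each backup run to a new snapshot instead of replacing the previous copy. The following is an added example, not code from the original article or from any vendor; the function names, the numbered-directory layout and the sample files are assumptions made for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def backup_versioned(source: Path, backup_root: Path) -> Path:
    """Copy source into a new numbered snapshot; older snapshots are never
    written to, so an encrypted file cannot replace its healthy copy."""
    backup_root.mkdir(parents=True, exist_ok=True)
    numbers = [int(p.name) for p in backup_root.iterdir() if p.name.isdigit()]
    next_id = max(numbers, default=0) + 1
    snapshot = backup_root / f"{next_id:06d}"
    shutil.copytree(source, snapshot)  # raises if the snapshot already exists
    return snapshot


def changed_files(older: Path, newer: Path) -> list[str]:
    """Relative paths whose content differs between two snapshots."""
    def digest(p: Path) -> str:
        return hashlib.sha256(p.read_bytes()).hexdigest()
    changed = []
    for new_file in sorted(p for p in newer.rglob("*") if p.is_file()):
        rel = new_file.relative_to(newer)
        old_file = older / rel
        if not old_file.is_file() or digest(old_file) != digest(new_file):
            changed.append(rel.as_posix())
    return changed


def demo() -> tuple[bytes, list[str]]:
    """Constructed scenario: one file is overwritten between two backup runs."""
    with tempfile.TemporaryDirectory() as tmp:
        source, backups = Path(tmp, "data"), Path(tmp, "backups")
        source.mkdir()
        (source / "report.txt").write_bytes(b"quarterly figures")
        (source / "notes.txt").write_bytes(b"meeting notes")
        first = backup_versioned(source, backups)
        # Stand-in for ransomware: the file's content is replaced in place.
        (source / "report.txt").write_bytes(b"\x00\xff" * 16)
        second = backup_versioned(source, backups)
        return (first / "report.txt").read_bytes(), changed_files(first, second)


if __name__ == "__main__":
    healthy, changed = demo()
    print("first snapshot still holds:", healthy)
    print("changed since previous snapshot:", changed)
```

An unexpectedly long list from `changed_files` is a cue to check the source files before relying on the newest snapshot. The off-site copy is still needed, because anything able to write to the local backup location can also delete the snapshots.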