How to protect your networks from ransomware
Although it has only been in existence for a relatively short time, ransomware has already caused a massive amount of distress and damage. In short, it’s well worth avoiding. With that in mind, here is a quick guide on how to protect your networks from ransomware.
You must have a proper anti-malware program with integrated firewall
It is very risky to rely on the default security apps bundled with the main operating systems. There is nothing inherently wrong with them. They offer a decent level of protection. The problem is just that malware is becoming much more sophisticated and hence placing more demands on security tools. This is particularly true of ransomware, which still generates enough money for its creators that they can afford to keep it regularly updated to try to keep it ahead of the security tools which aim to combat it.
These days, the best option for most people and organizations is a cloud-based solution. This means not only that the vendor takes care of the update process but also that the storage and processing load is pushed onto the servers rather than the local device.
Vulnerabilities in operating systems and locally-installed applications are open doors to malware creators. It is therefore vital to apply any security patches as quickly as possible after they are released.
Ideally, they should be applied immediately. It is, however, understandable that some people and organizations may prefer to wait a day or two to check that the updates genuinely do fix more problems than they create. That should be all the time you need to check community feedback and make a decision. Remember, the longer you delay, the longer cybercriminals have to exploit the vulnerability.
If you know that applying updates promptly is a weakness in your organization, then you need to address it. This means either making sure in-house resources are made available or having a managed IT services provider take care of it for you.
The less you use the public internet, the less exposed you will be
The public internet is full of treasures, but it’s also full of dangers, even on some of the most popular sites, like the social media platforms. Because of this, organizations might want to rethink allowing their main company internet connection to be used for personal surfing. Although withdrawing internet privileges may not go down well, it is less and less likely to be a recruitment-and-retention deal-breaker given that so many people now have smartphones.
This will then leave you with people who need to use the internet for work. Depending on your sector, you may be able to restrict work-related use to specific, permitted sites or you may need to combine your automated protections (such as your firewall) with employee education, backed up by rules which are both fair and fairly enforced.
Remember that ransomware can be introduced through hardware
Although most malware is distributed digitally (especially through email attachments and malicious websites), it can be distributed on physical media or through infecting mobile devices which are then connected to the company network. This means that you have to implement effective physical security as well as effective digital security. In particular, you need to restrict access to USB ports (and optical drives) to prevent them from being used as a means to load unauthorized software/malware.
Speaking of unauthorized software, be very careful about what, if any, free software you use. There are some great options from reputable companies (although not all will be made available for business use), but a lot of free software is actually disguised malware, including ransomware. Never, ever use pirated software no matter what. Leaving aside the ethical and legal issues, pirated software is notorious as a way to spread malware, including ransomware.
Be careful how you store your data
Although you should always do your best to protect your networks from ransomware, you also have to be realistic about the fact that it may get through your defenses. This means that you need to know how to limit the damage it can cause.
Firstly, you need to ensure that all sensitive data is stored encrypted. Ransomware is increasingly being associated with data theft. Even if you pay the ransom, there is nothing to stop the cybercriminals from boosting their profits by selling your data as well – unless you have it encrypted.
Secondly, you need an off-site database as well as a local one. This needs to be entirely separate from your main system. Ideally, you should be able to restore to different time points in case there is a delay in identifying that you have been attacked.
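The point about restoring to different time points can be checked mechanically against a list of retained copies. The Python below is an added example, not part of the original article or of any vendor's tooling; the function names, the 21-day detection delay, the 7-day gap limit and all dates are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

def audit_restore_points(snapshots, now, max_detection_delay, max_gap):
    """Return findings (empty list = OK) for a set of off-site restore points.

    max_detection_delay: longest time an attack is assumed to go unnoticed.
    max_gap: largest acceptable interval between consecutive restore points.
    """
    points = sorted(snapshots)
    if not points:
        return ["no restore points at all"]
    findings = []
    # The oldest copy must predate the earliest plausible compromise time,
    # otherwise every retained copy may already hold encrypted files.
    horizon = now - max_detection_delay
    if points[0] > horizon:
        findings.append(
            f"oldest restore point {points[0]:%Y-%m-%d} is newer than {horizon:%Y-%m-%d}")
    # A large gap means a restore loses more work than the policy allows.
    for earlier, later in zip(points, points[1:] + [now]):
        if later - earlier > max_gap:
            findings.append(
                f"gap of {(later - earlier).days} days after {earlier:%Y-%m-%d}")
    return findings

def last_clean_restore_point(snapshots, compromised_at):
    """Newest restore point taken strictly before the compromise, or None."""
    clean = [s for s in snapshots if s < compromised_at]
    return max(clean) if clean else None

# Constructed sample data (not from the article).
NOW = datetime(2024, 3, 31)
DELAY = timedelta(days=21)   # assumed worst-case time to notice an attack
GAP = timedelta(days=7)      # assumed maximum tolerable spacing
# Three weekly copies plus six daily copies.
GOOD = [datetime(2024, 3, d) for d in (4, 11, 18, 25, 26, 27, 28, 29, 30)]
# Only the last three daily copies are kept.
WEAK = [datetime(2024, 3, d) for d in (28, 29, 30)]
COMPROMISED = datetime(2024, 3, 20, 12, 0)  # attack found 11 days later

if __name__ == "__main__":
    for name, snaps in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(name, audit_restore_points(snaps, NOW, DELAY, GAP),
              last_clean_restore_point(snaps, COMPROMISED))
```

With the short retention set, every copy postdates the compromise, so there is nothing clean to restore from even though backups ran every day.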