By: Karl Bickmore, CEO, Snap Tech IT
If you’re not concerned about the risk of ransomware, then I wonder what deserted island you’re on.
Ransomware is so prevalent that businesses should take all the necessary precautions available to them. To help you out, we’ve listed the top 8 ways you can protect your business network from ransomware attacks:
1. Install a UTM firewall
Have a unified threat management (UTM) firewall in place on your network that includes effective content filtering, an intrusion detection system and anti-malware functionality. Our favorite UTM brand is Sophos.
2. Offer end-user awareness training
This will help end users always be on the lookout for suspicious email. Regular training on up-to-date attack methods is critical.
3. Up your anti-ransomware and anti-virus games
Both anti-ransomware and anti-virus software should be installed on all of your organizations computers. Gone are the days when simple antivirus software and a loosely configured firewall were sufficient. That worked 10 years ago, but it does not work in today’s world.
We highly recommend InterceptX from Sophos. It is independently rated as the No. 1 protection of this kind.
4. Don’t ignore software updates
Patching—fixing by installing network updates—must be managed and kept up-to-date. The most successful ransomware attackers analyze vulnerabilities that have been fixed in major software vendor updates, knowing that many IT providers won’t install them for months. Even if there is a patch for it, an attack can still be effective.
Your IT provider must be on high alert, providing regular reports to show you patches are being managed properly. This includes more than Windows, and should also cover updates for Java, Flash, Chrome, Firefox, iTunes, Adobe products, etc.
5. Back it up early and often
Make sure your backup system includes embedded ransomware protection and keeps multiple copies of the data both on-site and off-site. Backups should be done several times a day, using a backup and disaster recovery (BDR) approach. It is the most effective system a small- to medium-sized business can get.
6. Avoid linking daily end-users with local computer administration
Making daily end-user accounts part of the local computer administrator’s group is a risky-yet-common practice. Don’t do it. Once an exploit hits an end-user account, it can spread to all areas of the local computer if the logged-in user has administrative access to it.
7. Limit end-user permissions on server shares
When setting up sharing permissions on your server, make sure end-users only have the minimum level needed to do their work. This will limit how far an attack can spread throughout the network, should one occur.
8. Protect your servers too
Make sure your servers also have specific ransomware prevention software along with the antivirus software. It is not enough to have this type of prevention on your desktops and laptops. Your servers also need this type of additional protection above and beyond traditional anti-virus.
Following these recommendations will go a long way in keeping your business network well-oiled and ransomware-free. For more tips on how to ensure your IT system security, read our blog, 4 IT Tools for Risk Management.