8 Ways to Protect Your Business From Ransomware

Ransomware. The word should send a shiver down any responsible IT support person's spine. There's nothing worse than being told not only that you've been infected by a virus preventing you from getting to any of your data on your network but also that you must pay someone ransom money to get your information back! 

There are several things that you should be doing in the normal day to day of running your IT that would not only limit the probability of being hit but also, if you do get hit, ensure that your business will function with nary a blip as your IT team responds.

The following are eight components you should have in place to ensure you're as protected as possible to prevent ransomware from hitting you in the first place, as well as being able to limit your exposure should you get hit:

1. Make sure your users are properly trained and aware of potential threats. Your users are your front line of defense. From a technical perspective, you can have the most secure network in the world, but it's only as tight as your users who are on it. If someone clicks on the wrong link or goes to the wrong website, you can easily be compromised.
2. Conduct training with pseudo-phishing attacks so that your users can learn what phishing is all about and how to react to a seemingly innocuous email. Here's more information on what an effective cybersecurity user awareness training program looks like.
3. Implement security policies within your network to lock down user rights and remove local Administrator level rights from users. This prevents most ransomware from running because the program simply doesn't have the needed rights to do so.
4. Ensure all the computers on your network are protected by Endpoint Detection and Response (EDR) and that it's managed by someone. Simply thinking that you're protected because you have EDR on your systems is not an appropriate mindset. It's critical that this key layer in protection is complete (across all machines) and kept up-to-date at all times.
5. Ensure that your email system is protected by an enterprise level antispam system. Often times this can be incorporated into an "Intrusion Protection System" as part of a firewall offering. If you're running Microsoft 365, don't be led to believe their built-in protection is enough. It isn't.
6. Ensure that your network is protected by an enterprise level firewall and that it's both configured correctly and continuously monitored.
7. Implement a methodical and disciplined patch and upgrade procedure so that all your workstations and servers are updated with the latest vendor security patches. Make sure to keep your firmware up to date on all your network devices as well (including switches, routers, and firewalls). This is an often overlooked vulnerability.
8. Implement a solid backup approach leveraging a solution built upon image-based backups. Also, make sure that your backups are tested on a recurring basis so that you know they work. There's nothing more frustrating than needing a backup only to find out that it's no good.

I can't stress enough the importance of this last bullet point. Too often, without a reliable backup you're just simply dead in the water when responding to an attack. Backups are like insurance. You don't want to pay for it because you don't want to use it, but how glad are you to have it in place when you need it!

Everything else listed are all items of great importance and none should be left off the list. These are all real and meaningful ways that will make a difference in your ability to prevent your network from being hit in the first place.

Want to see how your security precautions stack up? Reach out to us today.