Unfortunately, there is no single way to prevent ransomware. We have put together a list of the top 10 ransomware prevention tips. Ransomware prevention requires a top-to-bottom approach to security. Here are some of our best tips to minimise the chances and mitigate the effects of a ransomware attack.
1. Strong, multi-layered security
No one device or application can detect every threat, and threats are evolving at such a rapid pace that they may bypass certain security checks or methods. Therefore your organization needs to have effective, multiple layers of security at different points in the environment. This means firewalls, intrusion prevention, web filtering, email filtering and endpoint security. Make sure they are up-to-date and configured correctly.
2. Keep up to date
A lot of malware seeks to exploit vulnerabilities in applications and operating systems to allow it to execute, or enter your environment. That is why it is essential to ensure the operating systems and all applications across all your systems are up to date.
3. Data access restrictions
Look at the way the data in your organization is structured, and look at who has access to what. Many ransomware attacks could be limited in their damage if businesses had access restrictions in place, making sure that only the people who need access to important data have it.
4. Software restrictions
Consider putting software restrictions in place through a white-listing policy. This allows only explicitly defined applications to run; all other programs and processes are blocked by default. You can also allow only programs from certain folder locations to be executed.
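The default-deny decision described above can be sketched as follows. This is an added example, not code from any particular product: the folder and file lists, the function names and the sample launch paths are all constructed assumptions, and Windows-style paths are assumed.

```python
import ntpath

# Hypothetical policy (constructed values): folders programs may run from.
# These folders must not be writable by standard users, or the rule is moot.
ALLOWED_DIRS = [r"C:\Program Files", r"C:\Windows\System32"]
# Hypothetical explicitly defined programs outside those folders.
ALLOWED_FILES = [r"D:\Tools\backup-agent.exe"]


def _canon(path):
    """Collapse '..' and mixed slashes, then fold case (Windows paths ignore case)."""
    return ntpath.normcase(ntpath.normpath(path))


def is_allowed(exe_path, allowed_dirs=ALLOWED_DIRS, allowed_files=ALLOWED_FILES):
    """Return True only on an explicit policy match; everything else is blocked."""
    if not ntpath.isabs(exe_path):
        return False  # a relative path cannot be matched reliably: deny
    target = _canon(exe_path)
    if target in {_canon(f) for f in allowed_files}:
        return True
    for folder in allowed_dirs:
        # Compare against "folder\" so that "C:\Program Files Evil" is not
        # treated as a child of "C:\Program Files".
        base = _canon(folder).rstrip("\\") + "\\"
        if target.startswith(base):
            return True
    return False  # blocked by default


def evaluate(launches):
    """Pair each attempted launch path with an ALLOW or BLOCK verdict."""
    return [(p, "ALLOW" if is_allowed(p) else "BLOCK") for p in launches]


# Constructed sample of launch attempts, including paths that only look allowed.
SAMPLE = [
    r"C:\Program Files\App\app.exe",
    "C:/program files/App/app.exe",
    r"C:\Program Files Evil\tool.exe",
    r"C:\Program Files\..\Users\bob\Downloads\x.exe",
    r"D:\Tools\backup-agent.exe",
    "invoice.pdf.exe",
]

if __name__ == "__main__":
    for path, verdict in evaluate(SAMPLE):
        print(f"{verdict:5}  {path}")
```

The sketch compares path strings only; it does not resolve links or junctions on disk, which a real enforcement tool has to account for.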
5. System access restrictions
Do not log in to systems with administrator accounts, and limit the number of administrator accounts. Log in with regular accounts and elevate permissions when required.
6. Tighten organizational security
Implement password complexity and history rules, and change passwords regularly. Implement two-factor authentication where possible. Don’t allow outside equipment or portable storage to be brought in without being checked.
7. Backups
Your best bet for coming back from a ransomware attack is backups. Follow the 3-2-1 backup rule. That is, have 3 copies of your data, spread across 2 types of media, with 1 copy kept isolated offsite. Many recent variants of ransomware have been known to attack backups, so the offsite copy might be your only chance of recovery.
8. Do not open suspicious links or attachments
The majority of ransomware is delivered through email with malicious links or attachments. Be extremely careful with both. Most institutions will not send you emails with links or attachments, so if you do receive something which seems suspicious, contact the sender first if possible to verify the authenticity.
9. Staff awareness about Ransomware Prevention
When all of your other systems and processes are in place, the last vulnerability you face is always the human one. Keep staff aware of the latest ransomware scams and encourage them to report any suspicious activity. Look for the warning signs in scam emails such as bad grammar and spelling mistakes. If an email appears suspicious, or contains links and attachments, contact the sender where possible and verify before taking any action.
10. Partner with an IT Service Provider experienced in Ransomware Prevention
IT Service Providers are experienced at designing effective malware prevention systems. They can help you design and select the right ransomware prevention solution for your business.
Further reading: What is Ransomware and what your business can do about it
Interested in Ransomware Prevention for your business?
Speak to the IT security experts at Stanfield IT on 1300 910 333