Ransomware is perhaps the costliest cyber threat your organization’s data faces today, and the global losses due to ransomware run into the hundreds of millions of dollars. Every year, thousands of new malware variants are being reported, as cyber crime becomes more and more sophisticated. Our partners at Infrascale have outlined 5 easy-to-follow strategies on how to protect yourself against ransomware.
1. Train your Users and Test their Knowledge
Since ransomware infections often come through links and attachments inside emails, or from a website or web application, it’s very important to train your users on how to recognize phishing attacks and suspicious links and attachments, but training is only the first step. System admins must also make sure to regularly test their users with simulated phishing attacks to ensure that your users have been properly conditioned to resist these attacks. Organizations may also want to install advanced email spam filtering which will block email messages with attachments from suspicious sources. System admins can filter executable attachments in emails based on the file extensions. Another good idea is to disable macros embedded within attachments and re-enable the display to full file extensions. This makes it much easier to spot suspicious files.
2. Monitor your Network
Your IT team must diligently monitor your network by analyzing logs, clearing out alerts, and processing potential threat feeds. If the infection is detected quickly and the workstation is disabled immediately, you can recover the data within 24 hours, and often in as quickly as five minutes (we have great solutions for that). Organizations should constantly update the operating system and other software on their systems with the latest patches. Unpatched vulnerabilities in operating systems and software are a common entry point for malware.
3. Maintain Robust Backup and Disaster Recovery
The ultimate safety net for ransomware defense is a robust data protection and disaster recovery solution (check out our cool blog post on DRaaS). Implement a backup strategy that fully supports organizations with multiple types of data, files, and systems to protect. Not all solutions are created equal, but enterprise-grade backup and disaster recovery solutions preserve a complete version history, which is crucial to being able to recover from any attack.
4. Commercial Grade Anti-Virus Protection
Our friends at Infrascale advise that the best way to steer clear of viruses and malware is to use an industry-leading anti-virus software solution. There are many types out there, and they don’t have to break the bank, but having a superior level of defense will go a long way. On your anti-virus software, enable the auto update, auto-protect, and personal firewall features to ensure you always have protection in the background that is continually updated.
5. Have an Incident Response Plan
How you’ve prepared will determine how quickly you are able to restore your company’s data and get systems functioning again. This starts with a well-designed plan that is understood by the entire team. Practice executing the plan to ensure you are able to get systems back online in the expected timeframe. The practice will also give your team the confidence to perform flawlessly when the need arises.
Want to get started with a robust data security solution to eradicate this nasty threat? The experts at EAS can come in and get you set up with our preferred partner Infrascale. All you have to do is email us to get started.