Ransomware: How Secure is Your Business?
Safeguarding Your Computer System From Ransomware
These days, ransomware attacks are on the rise, and just one can devastate your business. Discover seven ways you can protect your company from cybercriminals.
Your business hasn’t been a victim of a ransomware attack yet?
Don’t press your luck. Ransomware poses a real threat.
The number of cases of ransomware attacks against businesses of all sizes has exploded. In fact, the number of incidents has more than doubled during the first quarter of 2019. Cybercriminals are not only targeting hospitals, municipalities, and financial institutions but businesses of all sizes. Seventy-one percent of ransomware attacks are against small businesses since they are the least likely to have adequate back-up systems in place. According to research from Beasly, the average payout cybercriminals demand from small business owners is $116,000.
This terrifying stuff, but it is something that you need to address to protect your business.
There is No Better Time to Focus on Cybersecurity Than Right Now
So how can you do it at a reasonable cost?
- Talk about this very real and urgent issue with your employees. Conduct informational and training workshops with your entire staff, so they are aware of the severe nature of the situation. Most importantly, tell them that they are the frontline defenses. Remember to provide them with the tools they need to help prevent ransomware attacks at your company.
- Install high-quality spam filters and scan all incoming emails for possible threats. The root cause of many ransomware attacks is careless clicking on a link or downloading the wrong file. Make sure your email server is set up to prevent phishing emails and utilize security protocols like Sender Policy Framework or Domain Message Authentication Reporting to stop spoofing emails.
- Restrict network administrative roles. No one should have access to administrative accounts with the ability to install or update any software unless, and only when, completely necessary. Take a hard look at the permission you grant each of your employees. Unless necessary, limit employee accounts to ‘read-only’ status, and handle all patching and updating through a single dedicated account.
- Disable Remote Desktop Protocol and lock access to common ransomware disk locations. Remote Desktop Protocol allows a person to take control of your computer off-site. Unless there is a and specific reason you need this feature to be active, deactivate it immediately to prevent nefarious use by cybercriminals from accessing your system and installing ransomware. As an added precaution, enable a Software Restriction Policies to stop your network from executing files in locations where ransomware typical embeds itself like the AppData/LocalAppData folder or the temporary folders associated with browsers.
- Install and maintain a firewall and limit which applications can run on your servers. Controlling what is allowed into your computer system can significantly reduce the threat of a ransomware attack. While you should set up clear guidelines on which sites your employees can visit through a company computer, a good firewall is invaluable. Consider using technology to create a whitelist of applications and websites your staff can use while blocking everything else.
- Create a strict Bring Your Own Device policy or forbid the use of personal smartphones and computers. Setting up a strong defense against malicious cyber attacks is useless if you allow unregulated electronics to connect to your network. The small amount of inconvenience is worth it, and your employees will understand once you explain the reasoning behind any new rules.
- Back-up your data regularly. If the worst happens, and your business suffers a ransomware attack, having a separate off-site back-up is invaluable. Make sure there is no direct connection between your primary computer system and your back-up data to maintain the highest level of security.
This month may be National Cybersecurity Awareness Month, but protecting your company’s network from those who want to co-opt it a 365-day job. If you feel you need additional assistance safeguarding your technology, speak with a cybersecurity expert today.