The Datamax Thinking Blog

Educating, collaborating, and sparking ideas for maximizing the technology that matters.


Strengthening Your IT Roots: 10 Ransomware Prevention Tips

blog_tree_photo

Build strong roots from within your organization: Continue to empower employees to be proactive about cybersecurity risks and encourage them to report questionable content or activity.

An old Malay proverb states that “A tree with strong roots laughs at storms.”

Today’s workforce continues to grow remotely, with Businesswire estimating that remote workers will account for 72 percent of the US Workforce by 2020.  With more bring-your-own-devices out  in the field, endpoints continue to multiply and extend further beyond a traditional office, just like  branches on a tree.

How secure are those branches extending across your organization?   IT administrators must not only cover more ground, but must look closer at the roots holding up the security of their organization, in an effort to maintain stability.

Storms such as Ransomware show up on a business’s radar unexpectedly, causing often-irreversible damage. With employees exchanging critical business data using smartphones, tablets and personal laptops that are unsecured, they make themselves especially vulnerable to attack.

Ransomware is malicious software that encrypts files, locks the computer, and retains control until the user pays a certain amount of money. More often than not, the attack begins by opening a malicious email.

The root of any IT security plan begins with education: Not just a meeting, but ongoing training and awareness for all end users.  The end-user is often the best defense against Ransomware, especially considering the phishing email attack is a major method of infiltration. Strong user security training can help any organization significantly reduce its exposure to unnecessary risk.

Installing and implementing professional-grade firewalls, endpoint security (Anti-Virus), spam filters and a solid data backup solution are a few of the crucial preventative measures business owners should take in protecting his or her business against Ransomware.

To the point of growing remote workforce, device authentication, data encryption and the ability to remotely wipe data if a device is lost or stolen are all measures organization should consider.

Simply put, taking the necessary proactive measures now can shield your business’ critical data, and financial well-being. Most importantly, build strong roots from within your organization: Continue to empower employees to be proactive about cybersecurity risks and encourage them to report questionable content or activity.

Additionally, Here are 10 Tips on Defending Against Ransomware, Provided by Barracuda Networks:

1. Understand your attackers

Whether you’re a small business with a handful of employees, or a Fortune 500 company, everyone is a target for ransomware. No company or bank account is exempt.

2. Secure all internet threat vectors

Modern, advanced attacks exploit multiple attack vectors including user behavior, applications, and systems. The six main attack vectors are email, web applications, remote users, on-site users, the network perimeter, and remote access. A comprehensive security posture should extend across all these vectors. A firewall is not enough.

3. Secure all attack surfaces

The clear business benefits of migrating to virtual and cloud environments means that hybrid networks are increasingly the norm. Effectively securing cloud or SaaS-based applications like Office 365 requires a comprehensive solution designed to centrally manage hybrid networks.

4. Educate your users

User behavior can be your single greatest vulnerability. Good security is a combination of enforcement, monitoring, and user education—especially against threats like phishing, spear phishing, typo-squatting and social engineering.

5. Don’t forget your remote workforce

The mobile revolution drives productivity, collaboration, and innovation, but it means much of your workforce is outside the network perimeter—often connecting via personal devices. This creates a huge potential gap in your security if not properly protected.

6. Keep your systems updated

When vulnerabilities in platforms, operating systems, and applications are discovered, vendors issue updates and patches to eliminate them. Always make sure you’ve installed the latest, on all potential attack surfaces. And never use obsolete software that is no longer supported with security updates.

7. Detect latent threats

Clean house! Your infrastructure likely contains a number of latent threats. Email inboxes are full of malicious attachments and links just waiting to be clicked on. Similarly, all applications—whether locally hosted or cloud-based—must be regularly scanned and patched for vulnerabilities.

8. Prevent new attacks

With today’s evolving threat landscape, sophisticated, targeted, zero-day attacks are coming your way. To stop them, you need advanced, dynamic protection with sandbox analysis and access to up-to-the-minute global threat intelligence.

9. Use a good backup solution

A simple, reliable backup system lets you recover from many attacks within minutes or hours, at very low cost. When data is corrupted, encrypted, or stolen by malware, simply restore from backup and get back to business.

10. Keep management simple

As both networks and threat landscapes grow more complex, it’s easy to let security management become a major burden on IT staff. And with complex, disjointed management come more oversights that cause security gaps. Minimize both risk and cost with a simple, comprehensive solution that provides “single-pane¬of-glass” security administration and visibility across your entire infrastructure.

Would your business see such a predator coming today? Even more so, would you have a plan of defense?  When it comes to protecting your business, we've got cybersecurity covered! Learn more by reading this FREE eBook, where you’ll learn:

  1. how malware is spread,
  2. the different kinds of ransomware, and
  3. most importantly, what you can do to avoid or recover from an attack.

New Call-to-action

Source: Barracuda (www.barracuda.com)

Topics: Security Network Management IT Consulting Business Continuity Network Security Cybersecurity