Hardly a day goes by where we don’t read about a new ransomware attack. Sometimes you may not know you’re affected by ransomware. You could be in line at the grocery store and the friendly little sign taped to the payment terminal reads “Cash only. No Debit or credit” You may not know it but behind the scenes that organization has been hit by a malware attack making their systems inoperable. The stakes go up exponentially when the organization is a medical institution or pharmacy. Recently the SickKids hospital was hit with just such a ransomware attack and some services inside the hospital were being affected.
Best practices for ransomware protection.
This is top of mind for many business executives, and rightly so. What can you do to protect your business from ransomware? While there is no one-step cure to this menace, the steps below will help protect you against this type of malicious attacks.
- Operating Systems Protection
- Keep your operating system and software up to date. Install updates as soon as they become available, as they often include security fixes.
- Malware Protection
- Use a reputable antivirus program and keep it up to date.
- Data Protection
- Back up your important data regularly. This way, if you do become a victim of ransomware, you will have a copy of your data that you can restore.
- Make sure that your cloud storage backups are immutable.
- Phishing Attacks
- Be cautious when opening emails and attachments, especially if you didn’t expect to receive them.
- Train your employees to recognize and report phishing attempts.
- Don’t click on links in emails or online unless you trust the source.
- Password Protection
- Use strong, unique passwords for all your accounts and use a password manager to store them securely.
- Enable two-factor authentication on all your accounts that offer it.
Bake it into the process.
Admittedly this is a long list, and we can spend a lot of time defining each one of the above bullet points. Sadly, many businesses have been hit with a ransomware infection even though some or all of these ransomware protection solutions have been put in place. What’s lacking, then? For many businesses security is bolted on after the fact. In other words, network and IT security is bolted an afterthought making it a big inconvenience.
Full protection can only be achieved when a serious of ransomware detection and prevention steps work in concert. For many organizations this means hiring an MSP, or MSSP to implement and monitor their protection against ransomware.