You are going to get infected by ransomware. There, I’ve said it. Once you get your mindset over that hurdle, it’s time to plan and put your defence strategies in place. Here are 6 tips that will greatly reduce your risk of infection, and help protect your company’s data.
1. Train your Users
Ransomware infections often come through links and attachments in emails, or from a website. Training users on how to recognise potential phishing attacks, and checking suspicious links in emails, is a key part of any defence. The Ming General in charge of the Shanhaiguan Pass on the Great Wall of China opened the doors and simply let the enemy through the gates – your users are always the weakest link in your defence. Time to turn them into human firewalls! A simple education session can go a long way to increasing your defence levels.
2. Always up-to-date
Keep all operating systems and software updated with the latest patches. Ask your IT provider if they provide patch management as part of their support package. There’s no excuse for un-patched operating systems – it simply must be done. Windows 10 has many built-in mechanisms to protect against ransomware, and it is one of your best defences these days. If you aren’t already running Windows 10 in your business it’s worth looking into whether your systems are suitable for an upgrade.
3. Backup and Disaster Recovery
The single best method for recovering from a ransomware attack is to have a robust backup and disaster recovery solution. Not all backup systems are created equal, and many are susceptible to ransomware – meaning that your backup data is also encrypted by the infection. Businesses need to have disaster recovery solutions in place that can withstand the attack, and allow your business data to be recovered fully. You should regularly test restoring your data as well.
4. Anti-Virus Protection
It goes without saying that you should use industry-leading anti-virus protection on all your IT systems. The options are huge, and it can be daunting trying to choose. Most IT providers will have a preferred flavour that they will install as part of your IT support services. It’s generally best to go with what they have confidence in. The majority of business-grade products have centralised management and reporting, allowing IT support to remotely monitor your anti-virus system to ensure it is updated and to schedule virus scans.
5. Email Filtering and Security
Most businesses associate email filtering with reducing unwanted spam, after all, junk email accounts for over 50% of all email traffic. However, they can do so much more. An advanced email security service can also scan your email in the cloud for viruses, preventing them from ever entering your network in the first place. These services also provide outbound spam and virus scanning, ensuring you are not unknowingly sending these emails to your customers and suppliers. Over and above this, the best solutions provide email continuity features as well. This enables email to be cached in the cloud in the event that your email server (or service) is down for any reason.
6. Have a plan
How long will it take to recover from a system-wide ransomware attack? How well you have planned for this event will determine the answer. Ensure that your team fully understands the plan. Test your plan to ensure you are able to get system back online in the expected time frame. Having a plan, and testing it, will give you the confidence to recover from the infection and get you back in the game with minimal downtime.