This is part two in our three-part series on Ransomware. Part one discussed the two key steps your company needs to take to prepare for a ransomware attack. Part two provides seven steps your organization can adopt to prevent a ransomware attack. Part three will discuss how to recover from an attack.[/su_column]
Seven Steps to Prevent a Ransomware Attack
Ransomware is a malicious software used by cyber hackers to infect and take control of information on company IT systems and devises. Typically they require a ransom to release the data. The best defense against ransomware is prevention. Here are seven preventive steps every organization, no matter what the size, should take to reduce the risk of a ransomware attack.
- Educate employees. Include cyberattack prevention as part of your ongoing employee training and communication programs. Remind employees on a regular basis not to open suspicious email attachments or hyperlinks, even if they are from a co-worker. Ask them to avoid clicking on web page ads or responding to surveys unless they are on a trusted website. Make sure they know precisely what actions to take and whom to call if they notice any unusual activity on their computers or mobile devices.
- Establish best-practice e-mail server policies. This includes authenticating IP addresses and domains of inbound email and protecting your email servers by scanning stored, incoming and outgoing messages for security threats.
- Use ad blocking tools. Ransomware can be distributed through malicious advertisements on unsavory Restrict online ads where possible.
- Monitor File Activity. A ransomware attack on one workstation or device can escalate quickly to the entire organization. Continual monitoring of file servers can be an early detector and automatically put your IT systems into quarantine mode.
- Employ both anti-malware and anti-virus software along with a software firewall. This provides early detection and three layers of defense to help prevent ransomware from infiltrating company IT systems.
- Update or patch your software regularly. Ransomware often exploits known vulnerabilities in outdated software. To be safe, go directly to the software vendor’s website to make the updates.
- Limit employee access to mapped drives. Ransomware can browse and encrypt data on any mapped drive the infected end-user can Restrict employee permissions for shared drives or the underlying file systems of a mapped drive to limit unwanted encryption. Also, limit administrative access to servers and workstations to designated IT administrators.
These seven steps to prevent a ransomware attack are critical to the safety of your IT systems and data.
If you are prepared for a ransomware attack, it doesn’t have to be anything more than a rough day at the office.
If you have an organization with limited resources, consider outsourcing part or all of your IT needs to a local, professional Managed IT Services Provider (MSP) like Superior Endeavors Inc. SEI helps prevent cyberattacks by constantly updating and monitoring IT systems 24/7/365.
Read part three of our three-part blog series Ransomware 101 Part 3: Recovery
Find more blog articles, white papers, eBooks and success stories on our free IT Knowledge Center