6 Steps to Help Protect Yourself From Ransomware


Ransomware can be scary if you’re not prepared. So what can you do to protect yourself? Here are 6 basic steps you can take to reduce the impact.

  1. Have Good Backups
    • When people ask me about ransomware, my #1 recommendation is to have good backups. Although prevention would be preferred, the reality is that eventually someone is likely to visit a compromised website or to click on a malicious link that causes a computer to become infected. The whole premise behind ransomware is holding someone’s files hostage until a bounty is paid. If you have good backups, getting your files back becomes relatively straightforward. The only way to know whether you have good backups is to test!
  2. Patch Discipline
    • Most people know that they should patch, but you would be surprised at how many organizations still take a laissez-faire approach to patching. The most common argument is that updates could break things. Yes, this is true, so if testing is needed, deploy right away to a test environment and make testing a priority. For smaller organizations that may not have a full test environment, pushing updates to a test group can suffice. Either way, take a disciplined approach to make sure systems stay fully patched and track patching results over time. Also, if an application is no longer needed, remove it.
  3. Don’t Click on Email Links
    • Although embedded links have become standard, there is still value in avoiding clicking on email links. If you get an email from a friend that says click here to download a file, call the person and make sure they actually sent it to you. More often than not, your friend’s email was compromised and is sending malicious emails to all of your friend’s contacts. It would be much better to have your friend confirm that she intended to send you a file than to have to deal with ransomware or some other annoying malware.
  4. Limit Internet Access
    • While a pet peeve of mine is overzealous IT people that lock down access to everything in the name of security, there is a happy medium. Establishing what that looks like is up to each individual organization; however, in general, people should have access to what they need to do their jobs and not much more.
  5. Only Give People the Access Needed to Do Their Work
    • While it may be easier and quicker to have broad groups for user access, the more access each person has, the more destructive ransomware could be for the organization. Once a computer becomes infected with ransomware, any file that can be accessed from that device becomes a target. That means that not only will all local files become encrypted but also any network shares that the person can access.
  6. Education
    • Do employees know what to do if they get ransomware? Periodic training is fundamental to any information security program. People need to be told to speak up. Speed is key. The sooner the organization becomes aware that a problem exists, the sooner that the problem can be dealt with and the less potential for damage. Although the process to encrypt files is not instantaneous, there is a narrow window to stop the spread by simply taking a device offline. Also, assuming that files will need to be restored, the sooner the organization becomes aware, the sooner the process can start and the smaller the potential window for exposure.
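Step 1 says the only way to know you have good backups is to test them. As an added illustration (not part of the original post), the script below builds a SHA-256 manifest of a source folder at backup time and then checks a restored copy against it, reporting files that are missing, changed (as an encrypted file would be), or unexpected. The folder layout and file contents are constructed for the demo.

```python
"""Backup verification check: hash a source tree into a manifest, then
confirm a restored copy matches it file for file (constructed example)."""
import hashlib
import shutil
import tempfile
from pathlib import Path


def build_manifest(root: Path) -> dict:
    """Map each file path (relative to root) to its SHA-256 hex digest.
    Store this manifest somewhere the ransomware could not reach, e.g. with
    the offline backup itself, or the comparison is meaningless."""
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            rel = path.relative_to(root).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def verify_restore(manifest: dict, restored: Path) -> dict:
    """Compare a restored tree to the manifest taken at backup time.
    Returns sorted lists of missing, modified and unexpected extra files;
    all three empty means the restore test passed."""
    actual = build_manifest(restored)
    return {
        "missing": sorted(set(manifest) - set(actual)),
        "modified": sorted(p for p in manifest
                           if p in actual and actual[p] != manifest[p]),
        "extra": sorted(set(actual) - set(manifest)),
    }


def demo() -> dict:
    """Constructed scenario: one clean restore and one damaged restore
    (a file overwritten with junk bytes and another file missing)."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "source"
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "report.txt").write_text("quarterly numbers\n")
        (src / "notes.txt").write_text("call vendor\n")
        manifest = build_manifest(src)  # taken when the backup is made
        good = Path(tmp) / "restore_good"
        shutil.copytree(src, good)
        bad = Path(tmp) / "restore_bad"
        shutil.copytree(src, bad)
        (bad / "notes.txt").write_bytes(b"\x00\xffgarbled")  # content changed
        (bad / "docs" / "report.txt").unlink()               # file lost
        return {"clean": verify_restore(manifest, good),
                "damaged": verify_restore(manifest, bad)}


if __name__ == "__main__":
    print(demo())
```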

This list is not meant to be all-inclusive, but to provide organizations a place to start. Feel free to contact us if you would like to discuss ways that your organization can help protect itself from ransomware.
