Tip #1: Educate users on best security practices
Education is still the best way to help your business avoid infection by ransomware or any other form of malware. Make your employees aware of pupular social engineering methods and tactics so they don't fall victim to phising emails or spoofed messages. It is particularly helpful to share examples of these kinds of emails and the types of attachments that are often associated with social engineering attempts so that end users know to avoid them. A managed services provider is well equipped to help you deliver this sort of training,
Best Practices include:
- Do not open emails from strange or unfamiliar email addresses
- Do not disable or deactive antivirus or anti-malware software that is installed on your computer
- Do not download software rom torrent sites - official or direct downloads are preferable
- If you receive an email from a filiar contact that includes an attachment or link, verify separately that the person or organization actually sent you this message.
Tip #2: Consistently update operating systems, antivirus and anti-malware software
Most security vendors are constantly working on updates to catch and stop ransomware before it infects your files. If you use antivirus or anti-malware services, be sure you are running the most recent versions of these products and do regular updates. Contact your vendors or your managed service provider to learn more about how they're defending against ransomware to see if there is any additional protection available.
It is also important to be sure your operating systems are up to date with the latest security patches to avoid leaving any backdoors open. Often, backdoors are fixed in the latest patch or update, and hackers can prey on companies running out-of-date software, which gives them an easy "in" to the system.
Tip #3: Back Up your data frequently and consistently
Offsite backup is a critical component to a ransomware recovery strategy and should be an integral part of your disaster recovery plan.
Why offsite? Because ransomware infections have been know to infect local drives and network shares that are mapped as a drive letter on the infect computer. 1 That means if you're using only a local backup soltion, there's little chance of recovery without paying the ransome because your backups will most likely get encrypted as well.
1. http://resources.flexerasoftware.com/web/pdf/Research-SVM-Vulnerability-Review-2016.pdf