How To Prevent Ransomware Attacks At Your Company
Ransomware is a classification of viruses that allow malicious people, or hackers, to control access to your data. The malicious party encrypts your data, then holds it hostage by preventing you from accessing it. Then, they withhold the keys to unlock your data until you have paid the “ransom”.
For good reason, ransomware attacks have dominated the media recently with major attacks on businesses of all sizes. Small businesses are an easy target because many do not keep up on necessary security updates. Even large businesses, hospitals, and government entities fall victim to ransomware attacks because of small oversights in security.
We’ve created a list of a few things your company can do to prevent ransomware attacks at your company.
Run A Security Audit
A security audit will tell you exactly where your network is vulnerable to exploits, unauthorized access, ransomware, and other attacks. Here at OAC, a technician will come out, plug into your network, and run the security scanning software. Then, we provide a final report detailing out the security issues, and work with you to shore up your defenses.
The security audit determines the weakest points, then we prioritize fixing those vulnerabilities using a lasting solution. Once you know how a hacker could break into your company data, you are better equipped to keep them at bay. To learn more about our security audit process, please contact us.
Use Good Security Software That Actually Prevents Ransomware Attacks
Not all antivirus or security software prevents against ransomware attacks. In fact, most are pretty ineffective if they have not been configured or updated properly. We have seen companies come to us with great security software installed, but they were victims to ransomware due to a simple misconfiguration or oversight from their former tech support company.
Keeping your security software up to date isn’t as simple as getting the latest iteration of Norton Antivirus or McAfee. In fact, we strongly don’t recommend these particular products since they don’t provide as much security. We recommend a more robust security system such as Sentinel One.
Properly Configure Your Settings
Security is like an onion. There are many layers ranging from physical protection to software protection. Physical protection lies with the firewall you use and your physical networks. However, how you use your operating systems, and the software you install, adds additional protection or can create vulnerabilities.
Requiring a password to install software often prevents ransomware attacks. It may feel like a nuisance, but it helps malware from installing or spreading through your network.
Configure your firewalls to scan for, and block, ransomware or malicious programs. Doing this before the malware makes it into your network adds another layer of security.
Ensure your DNS servers can’t access known malicious nodes on the internet. Having this configured drastically reduces the chances of employees falling victim to downloading something malicious.
Schedule your servers and network equipment to automatically download and install patches on an appropriate schedule. This will help keep your system’s security up to date.
Keep Your Software Up To Date
You must also focus your attention on keeping your programs, servers, and operating systems up to date. Even your network equipment has software running on it that often needs updating to stay secure against evolving threats.
Outdated items like email servers, operating systems, or desktop programs, can provide a doorway to savvy hackers.
Be Diligent About Using Your Firewall
Many companies think implementing a run-of-the-mill firewall is all they need to prevent ransomware attacks. In reality, this equates to a security guard checking IDs at the door. They can see who is coming and going, but fake IDs can easily slip in and wreak havoc.
The real difference maker is a Unified Threat Management (UTM) system. UTM systems go beyond the basic firewall and introduce an all-inclusive security solution. Network intrusion detection, content filtering, data loss prevention, and other additional functions are included with even the most basic UTM system.
Network intrusion detection is one of the biggest benefits of UTM. This feature protects your network against things like password hacking, brute force attacks, buffer overflows, and remote injection — all valuable assets to a hacker’s toolbox.
To sum this up, UTM systems essentially determine what threatening traffic looks like, and constantly update their own framework to prevent this evolving traffic from entering your network. This is all done in real time so your network is never left vulnerable to attacks.
You can read more about the dangers of an outdated firewall here.
Ensure You Have Backups to All of Your Files
In this day and age, it is almost unfathomable that over 50% of small businesses have a backup system that doesn’t actually work. Sadly, it’s the truth. This means that over 50% of small businesses could lose access to all of their data in mere minutes if hit with a ransomware attack.
Issues for these businesses range from backup systems that simply aren’t running to backup systems that are completely misconfigured and not covering the right data. The only true way to ensure all of your data is fully backed up is by using offsite backups that are under strict monitoring.
Unfortunately, even “fully backed up” data is no guarantee that you will prevent a ransomware attack, but it does ensure that in the event of a hack you will still be able to access your information.
To get an offsite solution, we recommend using monitored, automated cloud storage, that is entirely separate from your network. This will allow your data to be constantly backed up as it is created so you never have to waste time or risk missing files by manually backing up your information. Learn more about how cloud services can help you protect your data.
If your data is in the cloud, you need a backup in a provider that is NOT in the same cloud as your data. If Microsoft or Google has a breach, you don’t want your backups in the same ecosystem.
In the event of a security breach or ransomware attack, we often resort to offsite backups. If you need offsite backups of your data, whether it is on physical or virtual servers, or within the cloud, we’re happy to offer you backups.
Email Filtering or a Good Spam Filter
Email phishing has become a great, lazy way for malicious parties to send out thousands of emails per minute, and dupe people into giving their company passwords out to gain access to systems. When your computers and networks are secure, people are generally the weakest link in security in a company.
While spam filtering does help reduce the amount of obnoxious junk mail someone gets, good spam filtering software also removes the malicious phishing emails a company receives.
Employee Education
For as many technology-based solutions for preventing ransomware attacks at your company there are, it is just as important to maintain a vigilant staff that knows how to detect threats. Here are some actionable items that you can teach your team:
- Always verify the source of unfamiliar emails
- Never open attachments from suspicious email addresses
- Never click spammy looking advertisements
- Never share sensitive information with unverified sources before checking with your supervisor
- If something sounds fishy, it probably is
- Don’t believe everything you see — hackers are good at convincing potential victims. Don’t fall for their traps!
- When in doubt, consult an IT professional
Only You Can Prevent Ransomware Attacks!
Ransomware is a constant threat and can strike at any time. It’s time to make sure your network is protected. Contact us for a security audit to defend your business’ and customers’ data.
