The number of ransomware attacks has exploded over the past few years, infecting millions of computers and costing companies millions of dollars.
Here are 3 best practices that every organization, regardless of size, should use to protect its business.
1. Education and Awareness
We hate to say it, but your largest attack point is also your weakest - the employees. Many of your employees have never heard of phishing or a man-in-the-middle attack, and hackers know that. It's crucial that you educate your employees about the most common cyberattack methods and how to avoid them, such as:
- Never click on links provided in an email. Type or copy the address into the browser to prevent accidentally opening a masked link to a malicious website.
- Be cautious when opening email attachments. This is a common method of attack for ransomware.
- When visiting a website, pay attention to the URL. Common malicious sites include URLs with IP addresses at the beginning of a supposedly secure site that doesn't use HTTPS.
- Spoofed email addresses are another method to get sensitive information. Never send personal information over email. We recommend just making a phone call.
- Never, ever share your password with someone over email. Legitimate companies never request credentials over email.
2. Backup. Backup. Backup
While preventing threats and attacks is always your ideal defense method, you should always have a Plan B. In the case that an advanced malware attack, specifically ransomware, takes hold of your system, regularly performing data backups can provide peace of mind that your data is retrievable.
Here are a few tips for backing up your information:
- Offline backups are key. Modern ransomware can find and encrypt your network storage.
- Simplify your backups as much as possible. Create a global share that can store all of your most important information.
- Automate your backups when possible. Don't let human error make you miss a backup.
3. Defense In-Depth
The more layers of security that you have in place, the greater chance you have of stopping an attack that another layer could miss. These attacks are able to morph into something unique, evading traditional detection methods.
Here are a few critical security layers your organization should have in place.
- Protect your network. Ransomware uses the network to not only connect to a malicious server and gain the encryption key, but also leverages the network to spread the attack throughout an organization.
- Gain visibility into endpoint devices. Ransomware attacks often start on endpoint devices (desktop computers, laptops, tablets, smartphones, printers, etc.).
- Connect the dots between the network and the endpoint. Looking at data from the network and endpoint provides a comprehensive idea of your overall threat landscape.
As a full suite IT and cybersecurity firm, Restech can help with your business technology and cybersecurity needs. Contact us today to learn more.