Eight Ways to Protect Your Business from Ransomware: One of the top questions CEOs and business owners are asking is “What should we be doing to protect our firm from ransomware?” The truth is, there are many, but listen here for our top eight must-haves.
I’m frequently asked by business owners, CEOs and CFOs what they should be doing to protect their business from ransomware. The truth is, there are a number of items that you should be putting in place. But if you have time and resources, here are the top eight.
Number one, multifactor authentication. It sounds easy, but it needs to be implemented in such a way that you’re protecting not only the logon to the network but also each application. When you go to your banking website, you have a username and password, and then they send you a code that’s good for eight seconds. That’s what I’m talking about.
Number two, every organization should have EDR, which stands for endpoint detection and response. It is the next generation of antivirus. If you just have standard antivirus today, it’s not enough. Next-generation antivirus uses AI (artificial intelligence) to help identify what is happening on your network. It takes into account not only virus signatures but also activities that are considered abnormalities. The new EDR solutions take this into account and will raise alerts when abnormalities happen on your network.
Number three: we all have it, and we’ve had it for years. It’s backup and restore, and it’s more important today than ever. If you are hit with ransomware, the number one way you’re going to be able to recover is to have a good, solid, secure backup. What does that mean? It means that you need to have a minimum of 30 days’ worth of backups. More is better, and we would like to see 60 days’ worth. It also means that your backup has to be secure and not part of your current network. If ransomware does get onto your network, it’s going to look for your backup files and corrupt those as well, so you need to have them in a secondary location. Other good components to look for: your backup needs to be encrypted and password protected.
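An added example (not from the original page) that applies these criteria to a backup catalogue: only copies that are off the production network, encrypted and password protected count toward the 30-day minimum and the 60-day preference. The catalogue, its field names and the `audit` function are assumptions made for illustration.

```python
from datetime import date

MINIMUM_DAYS = 30    # minimum retention stated in the text
PREFERRED_DAYS = 60  # retention the text would like to see

# Constructed sample catalogue; the field names are assumptions for this example.
SAMPLE = [
    {"taken": date(2024, 4, 1),  "on_network": True,  "encrypted": True,  "password": True},
    {"taken": date(2024, 5, 10), "on_network": False, "encrypted": True,  "password": True},
    {"taken": date(2024, 5, 25), "on_network": False, "encrypted": False, "password": True},
    {"taken": date(2024, 6, 14), "on_network": False, "encrypted": True,  "password": True},
]


def usable(point):
    """A restore point counts only if ransomware on the network cannot reach it
    and the copy is encrypted and password protected."""
    return not point["on_network"] and point["encrypted"] and point["password"]


def audit(catalogue, today):
    """Return (retention_days, findings) for a backup catalogue."""
    findings = []
    for p in catalogue:
        if p["on_network"]:
            findings.append(f"{p['taken']}: stored on the production network")
        if not p["encrypted"]:
            findings.append(f"{p['taken']}: not encrypted")
        if not p["password"]:
            findings.append(f"{p['taken']}: not password protected")
    good = [p["taken"] for p in catalogue if usable(p)]
    # Retention is measured only across usable copies: the oldest one sets
    # how far back a restore can actually reach.
    retention = (today - min(good)).days if good else 0
    if retention < MINIMUM_DAYS:
        findings.append(f"retention {retention} days is below the {MINIMUM_DAYS}-day minimum")
    elif retention < PREFERRED_DAYS:
        findings.append(f"retention {retention} days meets the minimum but not the preferred {PREFERRED_DAYS}")
    return retention, findings


if __name__ == "__main__":
    days, issues = audit(SAMPLE, today=date(2024, 6, 15))
    print(f"usable retention: {days} days")
    for issue in issues:
        print(" -", issue)
```

In the sample, the oldest copy is 75 days old but sits on the production network, so the retention that can be relied on is the 36 days covered by the isolated, protected copies.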
Number four is find and fix. You need to audit your network and find the problems that exist. There are a number of tools out there. Qualys, Tenable and Rapid7 are three of the tools that we use in our organization. If you pick one and run the audit on your network, it’s going to identify problems. Those problems then become your action list for correction. Without the find and fix, you’re only putting a cover over potential problems.
Number five, email security tools. They’re built into Google and into Office 365. If you have your own mail server, there are products like Mimecast. The goal is to configure the tool properly so that, number one, only legitimate emails make it through to you and your staff, and so that every link is checked. Every link you click in an email will be opened in a sandbox first to see if there’s any malicious activity taking place. If it checks clean, it will pass you through to the site. The extra five to 10 seconds that takes is well worth the time. These tools are invaluable, and they are one of the best ways to prevent ransomware from getting onto your network.
Number six, lower privilege. This one has two components: the local machine and the network itself. When bad actors gain access to your computer or to your network, they’re always looking to elevate their privileges, and the lower they start, the better for you. In IT solutions, we frequently see that end users have been made administrators of their local machine. A bad actor who gains access to that machine has very little problem installing the software that they need to compromise the rest of the network. Next, there are network permissions, which cover two components. The first is application. The second is the data on the network. Again, everybody needs the permissions required to do their job, but no more.
Number seven, SIEM. SIEM is security information and event management. Think of this as the security system for your network, very much the same as a security system for your building. It is monitoring everything that’s happening on the network, and it’s looking for abnormalities. It works much the same way as when your window is broken or a motion detector is set off and you’re alerted by your building.
Number eight, a culture of security. A security policy is not enough. The previous seven items will be worthless without a strong culture of security. Let me just ask you: if the network is compromised today, who is in charge of making sure that compromise is handled? How do you know when a breach takes place? What is the value of your data? Where does your vulnerability exist within the organization? Many executive teams don’t know the answers to these questions. The culture of security starts at the top and is driven throughout the organization. This is done through awareness training. This is done through auditing. This is done through IT discipline. It’s easy to do. It’s difficult to be persistent with it.