Malicious, intrusive software can take many forms. Yesterday’s computer viruses that were developed to simply cause harm, have now evolved in to malware designed to steal money. Of all the potential security vulnerabilities that could affect a company, a malware infection is potentially the most likely to occur.
Some forms of malware are fairly harmless, other types such as ransomware are much more sinister. When a successful ransomware attack is executed, user data is hidden, encrypted, or otherwise made unavailable. The user then has to pay a fee to restore their data. In an enterprise environment, loss of this data can have serious repercussions. Below, are 7 ways to ensure that you are protected from ransomware.
1. Educate Employees About Ransomware
Make sure that everyone knows that downloading unknown files or opening odd email attachments is a no-go. Put simply, if the ransomware is never executed, it can cause no harm. User education is the first line of defense when it comes to blocking malware. Such education also needs to cover what a user needs to do if they suspect a malware infection. This means laying down a plan for reporting the issue to the right people, in a timely manner.
2. Backed Up Data Can Never be Lost
Establishing a robust and comprehensive backup regime is a fundamental requirement for using business technology. However, when it comes to ransomware, it is possible that infected data is newer than backed up data. Therefore, it is imperative that key data is backed up frequently. Backups should be isolated, so that no risk of cross infection is possible.
3. Operate Redundantly
If business critical IT systems are potentially exposed to the risk of ransomware infection, it is advisable to operate redundant systems. This will minimize the risk faced, and also ensure business continuity of a successful malware attack takes place.
4. Consider Using Snapshots
Here we are speaking about a more advanced kind of backup regime. Instead of physically backing up data at fixed times such as nightly, regular data snapshots are taken at much shorter intervals. Put simply, if data snapshots are taken every hour, then only an hour’s worth of data can ever be lost. For some applications, this is surely the best option.
5. Authenticate Inbound Mail
Actually filtering out not only SPAM, but other potentially dangerous emails is now very easy to do. Most email servers allow for the checking of flags such as reverse IP lookup, SPF, DMARC and DKIM records. Flagging any incoming mail that does not pass these kinds of tests, is a major roadblock for ransomware distributors.
6. Invest in Enterprise Grade Desktop Security Software
Running a free anti-virus and anti-malware suite at home might work fine. But when the stakes are high, it is not worth skimping on deploying a proper, commercial desktop security suite. There is a cost attached, but is saving that cost worth gambling against the loss of business critical data?
7. Automate Software Updates
Most malware developers, try to stay one step ahead of the game. They expose and then exploit vulnerabilities in the OS, and also the application layers, such as office suites and even web browsers. Therefore, the developers of the OS and the applications, are always playing catch up, plugging security holes once they have been discovered. Automating the patching process for the desktop, makes sure that critical updates are installed as soon as they become available.
Security is a major issue for every enterprise. The trick to maximizing protection, and reducing overheads that lead to a higher cost of ownership, is to work smart. Following the advice above is a good start to minimizing potential security issues. For even more information, watch the Scary Facts About Online Security You Need to Know on-demand webinar.