The recent wannacry ransomware hack shocked everyone by its sheer size and global impact. It did not, however, come as too much of a surprise to those who work in the online security business. Organisations across the world including Disney, Telifonica and the National Health Service were affected as well as thousands of personal devices from Russia to the USA.
Ransomware is simple in its approach. A phishing email is sent to a computer, the recipient clicks on the link and some malware is downloaded onto their system, closing it down with a message that everything will be released on payment of a ransom. At Carden IT Services, we understand the importance of maintaining a strong level of security, whether you operate a small one or two-person business or are in charge of a large corporation.
1. Don’t Take Security Lightly There is no mileage in thinking that a ransomware attack won’t affect you or your business. We are all susceptible to attack and making sure that you have complete protection is vital. Small and medium size businesses are often more at risk because they don’t have the appropriate security systems in place.
2. Develop a Policy If you have people working for you, educating them on the risks we all face and putting in place clear policies regarding online security is essential. All businesses should have a robust set of instructions on how to remain safe and secure, produced in conjunction with expert advice.
3. The Right Anti-Virus You should make sure that your anti-virus software includes protection against ransomware which means that any attempt to encrypt your files is quickly spotted and any link or download terminated before it can do your systems any harm.
4. DNS Layer Protection Your security should also stop potential ransomware from fetching the malicious code once a link has been activated – you can only do this if you use a system that knows the location of these attacks and can block them once implemented.
5. Restriction Policies A third major line of defence in combatting ransomware is to ensure that those areas on your system where these programs are likely to run have the right policies in place. This includes not allowing .exe files to open and execute in certain, defined locations.
6. Securing Emails Emails are the most common point of entry for ransomware – an employee gets a message from what they think is a reputable source and click on the link without thinking. Not only do you need to educate your staff on the dangers of clicking any link but you can also reduce risk by having strong filtering mechanisms for your email accounts.
7. Web Based Emails There’s also a problem if employees are using their own personal web based email. This can be difficult to police if you don’t have the right protocols in place. DNS layer protection can also help protect you against malware from this type of location.
8. Protection Through Your Firewall Once an individual machine is impacted by ransomware, it can spread across your whole network very quickly. Making sure you have a strong firewall protocol in place is vital and will ensure that you have that final level of protection which isolates an affected device.
9. Attacks from Other Sources It’s not just through email that your systems can be attacked. There are certainly other devices where malware might be hiding including USB sticks and attachments. Making sure that you are protected from these attacks is equally important.
10. Don’t Risk Your Data Finally, while infrastructure cost is an important aspect for any business, you should always get the best system that your money can buy. At Carden IT Services, we believe we provide one of the most cost effective IT security systems on the market today – designed to keep your business safe from multiple threats.
Contact us today for a free, no obligation review of your IT infrastructure and we can highlight the risks your business faces.