More than half of organizations were hit by ransomware in the last year at an eye-watering average remediation cost of US$761,106. Furthermore, in nearly three-quarters of those incidents, attackers succeeded in encrypting data!*
Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees, are essential components of every single security setup. Make sure you’re following these 10 best practices:
1. Patch early, patch often
Malware often relies on security bugs in popular applications. The earlier you patch your endpoints, servers, mobile devices, and applications, the fewer holes there are to be exploited.
2. Back up regularly and keep a recent backup copy off-line and off-site
In our survey, 56% of IT managers whose data was encrypted were able to restore it using backups. Encrypt your backup data and keep it off-line and off-site so you won’t have to worry about cloud backups or storage devices falling into the wrong hands. Furthermore, implement a disaster recovery plan that covers the restoration of data.
3. Enable file extensions
The default Windows setting is to hide file extensions, meaning you must rely on the file thumbnails to identify them. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript files.
4. Open JavaScript (.JS) files in Notepad
Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.
5. Don’t enable macros in document attachments received via email
Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!
6. Be cautious about unsolicited attachments
Cyber-criminals often rely an ages-old dilemma: knowing that you shouldn’t open a document until you are sure it’s legitimate, but not being able to tell if it’s malicious until you open it. If in doubt, leave it out.
7. Monitor administrator rights
Constantly review local and domain admin rights. Know who has them and remove those who don’t need them. Don’t stay logged in as an administrator any longer than necessary, and avoid browsing, opening documents, or other regular work activities while you have admin rights.
8. Stay up to date with new security features in your business applications
For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet,” which helps protect against external malicious content without stopping you from using macros internally.
9. Regulate external network access
9. Regulate external network accessDon’t leave ports exposed to the world. Lock down your organization’s RDP access and other remote management protocols. Furthermore, use two-factor authentication and ensure remote users authenticate against a VPN.
10. Use strong passwords
It sounds trivial, but it really isn’t. A weak and predictable password can give hackers access to your entire network in a matter of seconds. We recommend making them impersonal, at least 12 characters long, using a mix of upper and lower case, and adding a sprinkle of random punctuation Ju5t.LiKETh1s!
