If your business has been hit with a ransomware attack, you’re probably asking yourself: How did this happen? What should I have done to stop this?
For many businesses, the answer isn’t clear. That’s because all too often, businesses have holes in multiple areas of their security practices that pave the way for cyberattacks. While most business owners have security software implemented, they frequently overlook security solutions they can - and should - do themselves.
So you never have to ask the dreaded question again, we’re giving you the answer on the front-end. Here are 6 things you should have done to stop ransomware.
Application whitelisting is a proactive security approach that creates an index of trusted, approved applications and files that are allowed to run on your system - and prohibits everything else. It’s a contrast to application blacklisting, in which only specified threats are prevented and everything not on the blacklist is allowed to run.
By its nature, application whitelisting is more restrictive than blacklisting and takes more effort to maintain. Many businesses choose not to whitelist their applications because of its effects on software usability and the complexity of putting it in place. But, failing to restrict what can run on your system leaves you wide-open to security risks that can devastate your business network.
With most employees using multiple applications in the course of their work, systems face an onslaught of security risks each day. Application whitelisting puts the control of which programs run on your system into the hands of your administrator, rather than end-users. It’s a more efficient way to protect your system against zero-day vulnerabilities, malicious software, and ransomware attacks.
Control User Access
Allowing your employees unrestricted access to your network is a huge security risk. Careless or disgruntled employees can introduce ransomware or other malicious programs that wreak havoc on your system. In addition to training your employees on best security practices, keep employees restricted to only files and programs they need to do their job. This will limit the number of files a ransomware attack can encrypt.
Another smart way to control user access is to restrict the number of users that have administrative permissions. Too many businesses make their employees local or domain administrators out of convenience, unaware that this gives them the power to make fundamental changes to your system that can open it to ransomware and security risks. Always keep local and domain administrators restricted to a small number of approved users.
Use Smart Password Practices
We can’t emphasize this enough - smart password practices are one of the easiest ways to protect your system. Though it’s tempting to create easy-to-remember passwords to save yourself some login headaches, it’s never worth the risk.
Use strong passwords that are hard to guess, combine a variety of numbers and characters, and are unique to each account. Never use the same password for multiple accounts, and don’t store your passwords on your network where hackers can find them.
Finally, enable dual-factor authentication everywhere you can. This will make it harder for hackers to access your system accounts and deploy ransomware.
Apply Patches and Updates Regularly
Like updates, a software “patch” changes a program to protect it from new vulnerabilities that have occurred since its installation. If you’re running antivirus or security software that isn’t running with the latest patches and updates, you’re leaving holes in your security that make it vulnerable to ransomware attacks.
Always run updates and patches as soon as possible. Be sure your employees are installing all updates and patches that require manual authorization - many users bypass the updates for a later date, leaving you at risk in the interim.
Fire Up The Firewalls
Most businesses have perimeter firewalls in place at the boundary of their network to prevent outside traffic from entering their system. Be sure your perimeter firewall is able to do its job by shutting down connections to outside connections such as remote desktop systems.
While perimeter firewalls are important, they don’t protect your network from attacks that originate within your system. Many ransomware attacks occur inside of your network from push installations or employee activity. You should also run a personal or host firewall to protect your network from inside traffic risks.
Our BIS Firewall Security Management is a great choice for businesses that want comprehensive security protection against ransomware and other cybersecurity risks.
Protect Your File Shares
Since ransomware uses encryption to target your files and hold them ransom, keeping your files protected is a must, even if you have strong security measures in place. One common area that businesses overlook is the act of file sharing.
When you share your files with other users, whether over devices or through the web, you run the risk of them being intercepted by hackers. If you’re using a consumer-grade file sync option like GoogleDocs or Dropbox you’re especially at risk because these platforms don’t employ robust security measures to protect your files.
To best protect your shared files, use a business-grade file sync solution like BIS CloudSync. It offers a secure way to sync your files across all of your devices while arming you with strong security features such as device monitoring and restriction.
If you’ve been the victim of ransomware or need help improving your security, we can help! We have a wide range of security solutions and disaster recovery plans that can protect you from ransomware and other cyberattacks. Contact us today!
Phillip Long - CISSP, CEO of BIS Technology Group, along with his team of marketing and information technology experts, will walk you through an overview of what your business should be doing to protect your data and plan your digital marketing strategies.
About BIS Technology Group
BIS Technology Group is the technology leader on the Gulf Coast and is comprised of four divisions: Information Technology, Web Design & Digital Marketing, Office Equipment and Business Consulting. Together these divisions help local businesses exceed expectations and allow them to group to their full potential while minimizing risks. To learn more about BIS Technology Group, visit bistechnologygroup.com.
You may reach out to us at: