Ransomware is software that, if it gets onto your computer, can lock your files, encrypt them, and then in order to get them unencrypted you have to pay a sum of money to the person or group who infected you. Ransomware prevention is an important topic for businesses of all types and sizes. Without proper and consistent data backups, dealing with the aftermath of ransomware attacks is like Russian roulette.
This article focuses on measures that businesses should employ to ensure a higher level of defense against these plagues.
- Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
- Patch operating system, software, and update firmware on digital devices (which may be made easier through a centralized patch management system).
- Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts-no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
- Disable macro scripts from office files transmitted over e-mail.
- Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g.,
temporary folders supporting popular internet browsers, compression/decompression programs).
Business Continuity Efforts
- Back up data regularly and verify the integrity of those backups regularly.
- Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.