It won’t matter if you consider your company an unlikely target for ransomware attacks. If just one ransomware attack hits your network, it will still cripple your business.
Take the time now to prepare for and take precautions against ransomware attacks.
1. Create a Device Inventory
You need to have an up to date inventory of all devices on your network, and you need to monitor those devices on a regular basis. The list should include all security devices, access points and network devices to ensure that you are tracking every possible place a cybercriminal could access your network.
2. Automate Software Updates
All of your endpoints need the latest software to thwart exploits to the greatest extent possible. Automating software updates and patches is the best way to keep everything current. Your updated device inventory will help you to ensure that all of your endpoints are covered.
3. Segment Your Network
You need to minimize the impact if you do get hit with a ransomware attack. Segmenting your network is one way to close some doors that an attacker would otherwise use to travel throughout your network.
Once you have identified the flows through your network, you can plan segmentation to minimize the number of traffic flows that need to cross segment boundaries.
4. Keep the Network Clean
Develop a policy controlling the devices that anyone adds to the network. Check all devices to ensure that they meet basic security requirements, and will allow you to actively scan for unpatched or infected devices and data flow.
5. Use Access and Application Controls
Controlling access can include limiting admin accounts, and limiting users to only the access they need. For example, if a user only needs read access, don’t allow write access.
From an application standpoint, implement controls that prevent an application from executing from a known ransomware location such as temporary folders related to internet browsers.
6. Create a Dynamic Disaster Recovery Plan
It may be virtually impossible to put enough controls in place to stop any cybercriminal. They change their tactics often and get smarter every time. The best defense is to have a disaster recovery plan that allows you to ignore the demands for ransom and get your systems back up and running quickly.
7. Establish Off-Network Backups
Ransomware attackers count on the fact that you’ll be desperate to get your data back, and will quickly pay the ransom. You can avoid that situation by creating an off-network backup for at least critical systems. Restoring your systems as quickly as possible will definitely frustrate the cybercriminals.
Related: The 3-2-1 Backup Rule: Why It’s Important
8. Get Management Support
The fight against ransomware attacks requires the support of management. Senior executives need to make cybersecurity a priority and communicate that company-wide. In addition, a comprehensive approach to stopping attacks will require the financial support that only a dedicated senior management staff can provide.
9. Train the Staff
Many cyberattacks start from a phishing email that lets an unsuspecting employee introduce a threat. Another common source is the surfing employees do on the internet. That’s where they can inadvertently visit a website or download something that introduces a threat.
Train employees on how to identify and avoid suspect emails. Besides that, educate them about the purpose for their browser identifying suspect websites and the importance of taking the warnings seriously.
Your Organization’s Next Steps
You may find other actions you can take to avoid ransomware attacks. However, if you haven’t addressed the issues listed above, you’re particularly vulnerable.
If you want to get started on making your system more capable of frustrating ransomware attacks, contact us to learn how we can make your organization ransomware-proof.