Best Practises To Protect Company From Ransomware

protect data from ransomware

One of the most frequent questions we at Empower IT are asked is, “What can our company do to prevent ransomware?” Unlike more traditional cyber threats which are easy to spot and block, the ever-adapting ransomware changes the way it approaches your business. Despite this chameleon-like ability, almost all forms of ransomware have a few shared characteristics that you can use to identify them.

The best, if not only, way to protect your business from ransomware is through identification and prevention. That’s because once a computer or system has become infected with ransomware, it is essentially too late to do anything about it. Unlike other pieces of malware which can be picked up by antivirus software, ransomware continues to exploit new security loopholes to avoid detection. You and your employees must understand where ransomware comes from and what you can do to circumvent this threat.

With this in mind, let’s take a look at six of the best practises when it comes to protecting your company from ransomware. And if you want to learn more about just how much a ransomware attack can cost your business, click here to see our blog on the subject.

1.) Block dangerous websites

While a majority of ransomware threats are distributed via email, there are also some websites out there containing download links to it. These normally hide in enticing offers such as free music or TV show downloads and are probably sites you don’t want your employees visiting even if they were safe. While the level of internet protection at your company will vary depending on your needs — for example, some companies are okay with Facebook while others are not — you should set up basic protection measures that block access to any site containing malicious content. Doing this will immediately close one potential entry point at your company.

2.) Authenticate senders

Email continues to be the most prevalent place for cyber criminals to distribute ransomware and the means of doing this are sophisticated and compelling. An easy way to stop receiving emails from unwanted senders is to utilise sender identity technologies. This technology will verify the IP address and domain of the server an email is sent from and immediately delete any that do not pass authentication tests. This is different from normal email filtering which will often times reroute these emails to a junk folder where users can still access them.

3.) Deny .EXE attachments

In order to begin running on a system, a user must run the .EXE file the ransomware is stored on. Unless your company needs to exchange these types of files with clients and employees via email (and most don’t), it’s best to simply block any message containing these types of attachments. This is another way to weed out legitimate emails from those containing ransomware. If your business does need to send .EXE files, consider using a cloud-based storage system that will allow you to create a password-protected environment for file downloads.

4.) Double check DOC and ZIP files

The other method of tricking users into running ransomware involves hiding the .EXE file in a ZIP folder or putting the script in a Word document along with a note at the top of the document telling the reader to enable macros to correct the coding. It’s important to educate your employees on the dangers of these two file types and ensure they never enable macros or run an .EXE file found in a ZIP folder if they have even .01 percent of doubt of who the sender is. Instead, they should contact IT or management immediately and notify them of the situation.

5.) Keep your patches up to date

Another good practice when it comes to ransomware prevention is to constantly update your software security patches. While this is not a cure that will prevent every cyber threat out there, ensuring your systems are up to date can protect you from older versions of ransomware that have been identified but still might be floating around. As we mentioned, cyber criminals constantly update ransomware to take advantage of new loopholes after old entrance points have been blocked, but older versions may still be sent out as well. These will be able to lock your systems if you haven’t updated your security patches accordingly.

6.) Keep your backups prepared

While you can try your hardest to educate employees and stop ransomware from entering your business, there is no foolproof plan to prevent it. That’s why you want to make sure your backups are ready and regularly updated off-site. Should ransomware be installed on your systems, you can simply retrieve the backups and restore everything quickly and hassle free. Remember, a system restore is no longer enough these days as ransomware is able to locate this and delete it preventing you from using this method. Full back-ups that are working and tested should be considered essential to your operations.

The Director of Empower IT, Salim Sukari says, “When it comes to protecting your business from ransomware, unfortunately there is no piece of security software that you can simply install to receive 100 percent protection. It takes incremental measures and best practices to stay safe. And these must adopted and practiced company-wide because all it takes is one employee to let ransomware into your systems.”

Contact Empower IT today if you need additional information on how you can protect your business from ransomware or if you want to start adopting some of the best practices mentioned here. We can assist with backups, cloud migrations and implementation and a host of other technology services that will ensure your organisation is safe and sound.