Reducing Risk To Your Company
Use this checklist of best practices to help prevent a ransomware attack from damaging your organization. Thwart ransomware damage to your company by ensuring you have a tested and reliable backup of your data stored completely separate from your operational network.
- Apply security patches and updates to systems as soon as they are available. Exploitation of known vulnerabilities in unpatched systems has been key to the success of ransomware attacks.
- Use the latest version of your antivirus software and update it frequently.
- Maintain a strong, updated firewall and monitor consistently.
- Implement content scanning and filtering on your mail server and block known threats and attachment types that are executable. Logically, chances of an attack will be reduced if employees receive fewer emails that contain spam or malware.
- Limit administrator level access to your network and require the use of separate credentials when performing all administrative tasks.
- Remove local administrative rights on computers for all users to block access to critical system resources and files that ransomware is targeting for encryption and to restrict the ability to install software applications, which includes dangerous malware.
- Implement ongoing training for all staff on best practices for maintaining a safe and secure computing environment, which includes:
- Inspecting websites that you visit and looking for signs of look-alike websites such as those using a slightly misspelled URL.
- Inspecting every email carefully — even if it appears to be from someone you know. Click “reply” to see who the email was actually sent from. Oftentimes, criminals mask who the true sender of an email is in order to deceive the receiver.
- Inspecting every link in an email you receive by rolling your mouse over it to see the true destination that is linked. Open a new browser window and type in the URL instead of clicking the link in the email.
- Creating and maintaining strong passwords.
- Avoiding public Wi-Fi to conduct business where criminals can capture user credentials for your network.
If you do experience a ransomware attempt or successful attack, alert local law enforcement and report it to the FBI’s Internet Crime Complaint Center. Read our ransomware article or visit our Ransomware Reporting Checklist for more information about what you’ll need to file a complete report.