As we stated in our previous blog, ransomware is a data hostage situation. A hacker will lock your data, ask for a large sum of money, and only return your data when you pay them in Bitcoin or other less traceable means. Here are three more ways how to prevent a ransomware attack at your company.
Use an on-premise, hybrid, or cloud Network Disaster Recovery Service (DRaaS)
A company can truly take the wind out of a ransomware attack with a good backup and disaster recovery plan. A professional backup solution should be able to allow a backup to be reinstated within minutes to hours, depending on your company RTO rules in your IT plan.
BONUS TIP: Make sure your internal IT or consulting IT teams schedule hack simulations to prove your DR plan works as your IT plan states.
Firewalls with intrusion detection technology (IDS)
Most professional firewall hardware manufacturers have the ability to add intrusion technology – or sometimes called network sniffing – which looks at all network traffic for signatures of malicious activities.
Multi-factor authentication with strong Password Protocol
Many ransomware attacks come from the hijacking of an employee email account, domain access, or via poorly configured remote desktop access via port 3389. With strong passwords and MFA, much like your bank, the ability to hijack a corporate user becomes much more difficult. Always Update your endpoints
Update, Update… and Manage Updates
Make sure all your organization’s operating systems, applications, and software are updated regularly. Applying the latest updates will help close the security gaps that attackers are looking to exploit. Where possible, utilize endpoint management software to globally update and protect PCs and other equipment utilized by your team.