How to achieve effective ransomware protection
Ransomware protection is often seen as a selling point for anti-malware products. In actual fact, however, it should be seen as an overall strategy for protecting your systems against ransomware.
Always practice effective IT hygiene
A lot of malware attacks simply take advantage of either known vulnerabilities or ineffective processes (or a combination of both). This means that before you start looking at advanced anti-ransomware strategies, you need to make sure that you have taken care of the basics.
In terms of ransomware protection, the most important part of effective IT hygiene is making sure that you only use operating systems and applications which are still supported by their developers. This means that they will at least receive security-related updates and you need to apply these promptly. If necessary, get a managed IT services provider to do this for you to make sure that it actually happens.
Remember that all of the main operating systems are vulnerable to ransomware. This means MacOS, iOS, Android, and Linux as well as Windows. In fact, Linux is becoming increasingly vulnerable as attackers look to target back-end servers, i.e. places where companies are most likely to store their sensitive data.
Take data security seriously
These days, you have to work on the assumption that your defenses are going to be breached and think about what steps you can take to protect yourself when that happens. Your first priority is to protect your data from being stolen. Currently, the only reliable way to do that is to store it encrypted.
It wouldn’t hurt to store all your data encrypted. It would, in fact, be very sensible to store all your sensitive data encrypted. At the very least you need to store all your personally identifiable data encrypted. This includes any personally identifiable data you collect from your own employees.
Your second priority is to make sure that you do everything possible to ensure that you can retain access to your data. In this context, the key point to understand is that any attack which can get into your production system can almost certainly get into your local backup as well. This is one of the reasons why you also need an off-site backup.
In fact, ideally, you should have an off-site data storage location with data backups from different time points. This is because it’s becoming increasingly common for malware creators to create ransomware which either lies dormant for a while or which works slowly. The idea is to have the software remain undetected until the encrypted files have replaced healthy files in backup systems and then force the victim to pay for the key to decrypt them.
Once you have created a data-backup solution you think works, make sure it does work. Test it and commit to testing it regularly. Also, commit to performing a malware scan on any backups you use for restoration in case there is any malware lurking in them.
Implement effective IT security
Effective IT security means a combination of digital security, physical security, and solid processes. Digital security means a robust anti-malware product, which includes ransomware protection. Specifically, you want a cloud-based all-in-one solution with an integrated firewall, backed by a reputable cybersecurity company. Resist any temptation to reduce costs by sticking with the default security apps which come bundled with the main operating systems. You may find out the hard way that this is a false economy.
Physical security matters too, especially when it comes to ransomware. Although it’s relatively unusual for malware to be installed via physical storage media, it is more of an issue with ransomware. The reason for this is that ransomware can be so lucrative that it can be worth the extra effort, particularly if a company is lax about physical security and effectively makes itself a soft target.
Last but definitely not least, you absolutely must have robust processes in place for how your company systems are used. What this means in practice will depend on what kind of systems you have. For example, if all your workers are based out of a single, business-owned location, then your main priority would be policies around internet and email usage. If, however, you have remote/mobile workers then you need to think about how they connect to the network and what that means for security.
It is crucial to ensure that all policies are communicated to employees and that they are reminded of them with an appropriate frequency (or else they will forget). They need to be enforced consistently and fairly, ideally through automated systems such as filtering.
Please click here now to start your free 30-day trial of Comodo AEP.