The worldwide ransomware epidemic shows no signs of slowing down. Cybercriminals around the globe are constantly coming up with new ways to infect your business’s network, encrypt your digital files, and hold them hostage until a ransom is paid.
The good news is that, in addition to implementing a data backup and disaster recovery solution, you can take some key steps to avoid falling victim to ransomware.
If you’re running a small business that manages its own information technology systems, be sure to follow the steps below. Or, if you’re working with an IT solutions and services provider to manage IT, make sure they’re following these steps to reduce your exposure to ransomware:
1. Require strong, complex user passwords that are changed at least every 90 days. Lock accounts after a set number of failed login attempts. Protect user systems with screen locks, and automatically lock users out after a defined period of inactivity.
2. Eliminate most local administrative rights, applying the principle of “least privilege” to all systems and services. Restricting these privileges can prevent ransomware from running or limit its ability to spread through the network.
3. Apply sound patch management strategies to close vulnerabilities in operating systems and applications, particularly third-party applications from vendors such as Oracle (Java) and Adobe. Vulnerable applications are the target of most attacks; by keeping them updated, you reduce the number of entry points available to a ransomware attacker.
4. Enable host-based anti-exploitation features such as the Microsoft Enhanced Mitigation Experience Toolkit (EMET) to monitor, log, and stop processes that use common memory-exploitation techniques such as buffer-overflow attacks.
5. Tag all e-mails originating from outside the organization with “[EXTERNAL]” in the subject line so that targeted phishing messages that spoof the organization’s domain stand out.
6. Disable auto-run features for external media and disable macros in Microsoft Office documents attached to messages from external senders. Scan all software downloaded from the internet before executing it.
7. Have an incident response plan with formally documented procedures that all key players know and follow on an ongoing basis. The plan should outline specific steps on what to do when ransomware is discovered, including individual responsibilities, business-unit jurisdictions, and alternate workflow contingencies.
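As an added example that is not part of the original post, the following PowerShell audit reads the local settings behind steps 1 and 6 (password age, lockout threshold, idle screen lock, AutoRun, Office macro policy) and reports which controls are in place. It assumes English-locale `net accounts` output, the standard Windows and Office policy registry paths, and Office 2016/2019/365 (version key 16.0).

```powershell
# Read-only audit of the endpoint settings behind steps 1 and 6. Example code,
# not from the post. Assumptions: English 'net accounts' labels, standard policy
# registry locations, Office version key 16.0 (Office 2016/2019/365).

function Get-RegValue {
    param([string]$Path, [string]$Name)
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name } catch { $null }
}

# 'net accounts' prints the local password/lockout policy as "Label:   value" lines.
$acct = @{}
foreach ($line in (net accounts)) {
    if ($line -match '^(.+?):\s+(\S.*)$') { $acct[$matches[1].Trim()] = $matches[2].Trim() }
}
$maxAge  = $acct['Maximum password age (days)']   # a number or 'Unlimited'
$lockout = $acct['Lockout threshold']              # a number or 'Never'

$explorer = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$desktop  = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop'
$office   = 'HKCU:\Software\Policies\Microsoft\Office\16.0'

$results = [System.Collections.Generic.List[object]]::new()
function Add-Check([string]$Step, [string]$Setting, $Value, [bool]$Pass) {
    $results.Add([pscustomobject]@{ Step = $Step; Setting = $Setting; Value = $Value; Pass = $Pass })
}

# Step 1: password rotation, lockout after failed logins, idle screen lock.
Add-Check 1 'Max password age <= 90 days' $maxAge  ($maxAge -match '^\d+$' -and [int]$maxAge -le 90)
Add-Check 1 'Lockout threshold set'       $lockout ($lockout -match '^\d+$')
$timeout = Get-RegValue $desktop 'ScreenSaveTimeOut'   # seconds of inactivity (REG_SZ)
$secure  = Get-RegValue $desktop 'ScreenSaverIsSecure' # '1' = password required on resume
Add-Check 1 'Idle screen lock enforced' "$timeout s / secure=$secure" `
    ($secure -eq '1' -and $timeout -match '^\d+$' -and [int]$timeout -gt 0)

# Step 6: AutoRun off for every drive type (0xFF) and Office macros restricted.
$autorun = Get-RegValue $explorer 'NoDriveTypeAutoRun'
Add-Check 6 'AutoRun disabled for all drive types' $autorun ($autorun -eq 255)
foreach ($app in 'Word', 'Excel', 'PowerPoint') {
    $sec  = "$office\$app\Security"
    $inet = Get-RegValue $sec 'blockcontentexecutionfromInternet'   # 1 = block internet-sourced macros
    $vba  = Get-RegValue $sec 'VBAWarnings'                          # 4 = disable all macros, no prompt
    Add-Check 6 "$app blocks macros from internet files" $inet ($inet -eq 1)
    Add-Check 6 "$app disables all macros (VBAWarnings=4)" $vba  ($vba -eq 4)
}

$results | Format-Table Step, Setting, Value, Pass -AutoSize
# Exit non-zero when any control is missing, so the audit can run from a scheduled job.
if (@($results | Where-Object { -not $_.Pass }).Count -gt 0) { exit 1 }
```

Values that show as empty were not set by policy on this machine; run the script under the user account whose Office and screen-lock settings you want to check, since those live under HKCU.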
Keep in mind that Carbonite endpoint and server backup services are an essential element of a ransomware protection strategy for small and midsize businesses. Through consistent, persistent, and reliable cloud-based backup, Carbonite ensures that small businesses always have access to uncorrupted copies of their mission-critical data.