Australian businesses are at great risk for ransomware attacks due to their often low cybersecurity posture and there is a need for businesses to educate their people about basic cybersecurity and cyber hygiene, according to the Australian Cyber Security Cooperative Research Centre.
Therefore, it’s little wonder that the question “How do I make sure my company never pays a ransom for our data?” is becoming high on business owners’ agendas.
The first step in preventing a ransomware attack is properly educating your employees about what ransomware is and how it infects systems. The most iron-clad software and hardware is of no help if an employee is careless. Part of your strategy should include a plan for helping your users spot and avoid ransomware. Many businesses hold mandatory quarterly security seminars where admins help employees understand various types of cyber-attack. Your plan should cover everything from ransomware to phishing to the growing threats from social engineering scams.
The following are eight simple security practices for employees to ensure they do their part in keeping these increasingly common attacks at bay.
Use email filtering
This reduces the number of potentially malicious emails coming your way. Businesses should invest in enterprise-grade solutions. These will use techniques such as blacklisting, whitelisting, and user-based email analytics to balance the filtering of spam and legitimate mail.
If email is the vehicle that drives it, then the attachment is the cargo you open to unknowingly unload the malware on your system. A lot of enterprise spam filters have scanning functions that allow you to check your messages for potential threats. Whether it’s built into your spam filter or anti-malware software, put those scanning capabilities to use before opening any email attachments.
Blocking select attachments is one of the most effective ways to stop ransomware at the gate. The system may prevent users from opening .exe, .com, .bat, .js, .docx, and other file types commonly associated with malware. Because this method could also restrict access to legit files you actually need, it might be a good idea to designate a separate server, such as the cloud, for exclusively handling blocked file types.
Preach safe surfing
Like malware in general, ransomware distribution is not limited to email. This type of infection can be spread by visiting rogue websites, downloading free software, and even connecting infected USB drives to your system. A computer security training program that covers all the basics of responsible web browsing can make a world of difference when it comes to staying protected.
Promote good data-backup habits
With so many employees working remotely, it’s harder for businesses to manage backups and store data on the corporate network. Encourage employees to be responsible and back up their data regularly. If they store data on a local flash drive inserted into their laptop, they should back it up to the cloud or another hard drive. If employees store their data primarily in the cloud, they should be sure to have another copy somewhere offline.
Encourage stringent cyber hygiene
All employees, especially those working at home, need to be regularly reminded to update the software on their devices and to enable all available security features, such as firewalls and anti-malware. Failing to install updated software and security patches is a well-known employee misstep that creates the gap for malware and ransomware to seize on.
Limit the number of files employees can access
Employees should only be able to access data and folders based on the principle of “least privilege.” This is the concept of only giving employees enough access to perform their required jobs. Least privilege can prevent workers from accidentally deleting or corrupting files they should never have had access to in the first place. Enforcing the least privilege can significantly reduce the risk caused by human error.
Test your people and systems
It is wise to consider regular testing once your network is in tip-top shape. This includes network vulnerability testing, testing backups, and testing employees—people are often the weak link in the security chain. That’s why some businesses formulate strategies for testing employees. That could include sending fake phishing emails or even hiring companies to conduct mock social engineering scams. Whatever the case, testing should be a regular part of your security strategy.