Ransomware Basics: Implementing Ransomware Best Practices

Jason Reid disaster recovery

Ransomware Best Practices

When it comes to ransomware, prevention is always better than cure. Implement ransomware best practices and protect your business from attack.

Ransomware attacks are one of the key threats to your IT systems in 2017. Cybercriminals have realised their potential for extorting money from businesses of all sizes, and the frequency of attacks is on a constant upward curve. To add to the threat, today’s ransomware attacks are much more sophisticated than the original CryptoLocker malware, first seen in 2013. In our previous two ransomware basics blog posts, we took you through the main varieties of ransomware and the steps you should take to find out if you’ve been infected. In this final blog in our ransomware basics series, we’ll take you through the ransomware best practices that you should implement to protect your business from attack.

Ransomware Best Practices

It’s a lot less painful to prevent a ransomware attack than it is to recover from one. Implementing ransomware best practices will reduce the risk of ransomware infection. And should the worst happen and your business becomes infected, ransomware best practices will help you recover a lot more easily and quickly.

  • Educate your users. Possibly the most important aspect of your business’s ransomware best practices is user education. Many ransomware attacks utilise social engineering, and therefore rely on victims being unaware of the threat they face. Educate your users on how to spot a phishing email, how to avoid suspicious and potentially compromised websites, and how to work safely and smartly. Your users will change from being a security liability to becoming your first line of defence.
  • Implement effective backups. Outside of prevention, your best defence against the damage caused by ransomware attacks is an effective backup strategy. This doesn’t mean weekly backups to physical disks that are left in a corner to gather dusk. Effective backup services, such as AssureStor’s backup2cloud platform, take regular backups that allow you to identify and recover individual files to a point before they became encrypted. This drastically reduces recovery time and productivity losses.
  • Ensure that your system security is up-to-date. Modern businesses should have firewalls, endpoint antivirus on servers and workstations, email filtering, and web filtering deployed throughout their environments. Ensure that you have effective and up-to-date system security in place on all devices, along with strong perimeter security. It’s also important that you keep up with the latest security and critical patches; weaknesses in out of date operating systems and applications can be exploited by cybercriminals.
  • Threat intelligence and anti-ransomware. Security technology is available that delivers threat intelligence, both at the network perimeter and throughout your IT infrastructure. Information packets and sender IPs are proactively checked against a list of known suspicious patterns and sources, and are blocked in the event of any alerts being detected. Your business may wish to consider implementing this security technology in order to provide an additional layer of protection against ransomware attack.

Protect Your Business from Ransomware

In this short series of blog posts we’ve provided an overview of the ransomware threat that faces businesses in 2017. Ransomware isn’t going away, and if your business isn’t taking to steps to protect itself from infection, it should be. People, processes, and technology need to work together to prevent attack or, in the worst case, recover from an infection.

At AssureStor we have experience of successfully helping businesses recover from ransomware infections. Our backup2cloud and dr2cloud platforms enable rapid recovery, minimising risk and reducing the financial, operational, and reputational damage that ransomware attacks can cause. If you’d like to discuss your business’s ransomware preparedness, get in touch. We’re confident that we can help you improve your protection by implementing ransomware best practices.