Progressive Computer Systems, Inc.
Call us: (919) 929-3080
  • Home
  • About Us
    • Our Team
      • Under Attack! – Book Release
    • Awards
    • Community Involvement
    • Referral Program
    • Testimonials
    • Join Our Team
      • Job Postings
  • Services
    • Complete List
    • Managed Services
      • ProgressiveCARE Managed Services
    • Cybersecurity
    • HIPAA Compliance
    • Cloud Services
    • IT Consulting
    • Email & SPAM Protection
    • Cabling & Internet Services
    • IT Outsourcing
  • Solutions
    • Strategic Planning
    • Business Continuity
    • IT Infrastructure
      • Why Use Progressive?
    • Network Security
      • Security Concerns
    • Virtualization
    • Business Assessments
    • Unified Communications
    • Hardware & Software
      • Recommended Equipment
  • Partners
  • Industries
    • Life Sciences
    • Health Care
    • Professional Services
    • Government & Education
    • Non-Profit
  • Resources
    • Professional Network
    • Under Attack! with Lisa Mitchell – Book Release
    • Newsletter Archive
  • Contact Us
    • Referral Form
  • Portal
    • Client Portal Login
    • Online Payment
Search the site...

14 Tips to Protect Your Business from Ransomware Attacks

Ransomware attacks are the fastest growing malware threats. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. Ransomware, a type of malicious software that infects and restricts access to a computer until a ransom is paid, affects businesses of all sizes. The good news is that there are best practices you can adopt to protect your business.

  1. Implement an awareness and training program. Because end users are targets, employees should be aware of the threat of ransomware and how it is delivered.
  2. Enable strong spam filters to prevent phishing emails (an attempt to obtain sensitive information electronically) from reaching employees and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
  3. Scan all incoming and outgoing emails to detect threats and filter executable files (used to perform computer functions) from reaching employees.
  4. Configure firewalls to block access to known malicious IP addresses.
  5. Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
  6. Set anti-virus and anti-malware programs to conduct regular scans automatically.
  7. Manage the use of privileged accounts based on the principle of least privilege: no employees should be assigned administrative access unless absolutely needed and those with a need for administrator accounts should only use them when necessary.
  8. Configure access controls—including file, directory, and network share permissions— with least privilege in mind. If an employee only needs to read specific files, the employee should not have write access to those files, directories, or shares.
  9. Disable macro scripts (tool bar buttons and keyboard shortcut) from office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full office suite applications.
  10. Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs, including the AppData/LocalAppData folder.
  11. Consider disabling Remote Desktop protocol (RDP) if it is not being used.
  12. Use application whitelisting, which only allows systems to execute programs known and permitted by security policy.
  13. Execute operating system environments or specific programs in a virtualized environment.
  14. Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units.

Visit the U.S. Computer Emergency Readiness Team website for additional information on how to protect your business from ransomware attacks.

Editor’s note: Best practices provided by the U.S. Government interagency guidance document, “How to Protect Your Networks from Ransomware”.

by Natale Goriel, used with permission from SBA.gov

Share this:

  • Share
  • Facebook
  • LinkedIn
  • Twitter

YOURS FREE!

The 7 Most Critical IT Security Protections Every Business Must Have In Place. PLUS: Healthcare & Data Security chapter from the Bestseller, "Under Attack!"

Sign Up Now

Under Attack!

Now Available on AMAZON!

Recent Posts

Click here to view our recent posts.

Archives

Subscribe to Our Blog via Email

  • (919) 929-3080
  • (919) 929-3087
  • PCSsales@pc-net.com
  • PCSsupport@pc-net.com
  • Contact Us
    • Linkedin
    • Twitter
    • Facebook
Mailing address:
Progressive Computer Systems
615 Eastowne Drive
Chapel Hill, NC 27514
Directions

YOURS FREE !

The 7 Most Critical IT Security Protections Every Business Must Have In Place. PLUS: Under Attack! Book Chapter.
Sign Up Now for Your Free Chapter

HP Virtualization

© 2020 Progressive Computer Systems