Ransomware payments exceeded $2B in 2017. It’s become all too common. A ransom-ware attack can encrypt your most critical data and hard drives, and the fallout can wreck your company’s reputation. Paying the ransom won’t guarantee you’ll recover your files or ensure the code is removed from your corporate systems. Businesses need to protect users, their systems, and critical IT resources from ransomware, and respond swiftly to attacks, to protect your network and business.
In most cases, ransomware is spread using phishing or spam emails. Increasing end-user education and awareness are always good ideas, but it’s important to understand that the “bad guys” are professionals. They use many professional marketing and social engineering tools to improve their abilities to trick users into opening fraudulent emails and attachments. You should, therefore, assume that even the most educated and aware user may be tricked.
How to Protect
Ransomware incidents are on the rise. Organizations need to fight back with strategies, platforms, and solutions that enable them to manage and safeguard endpoints, protect against threats new and old, and advance toward enhanced protection. In the paragraphs below, I will outline some strategies for combating malware and ransomware in your organization.
For most organizations, patching should be the first or second line of defense against any attack. An effective patch management solution ensures that all critical patches and updates for operating systems such as Windows, Linux, Unix, Mac, as well as applications such as Microsoft Office, Adobe Flash, Java, and browsers are kept current.
You don’t want to fall victim to malware threats that are already identified and tagged by your AV vendor. Ensuring that your virus definition database is always up to date on all your workstations is the most important element of an effective AV strategy.
Minimizing privileges is an important tactic to protect against many types of malware, including ransomware. A privilege management system helps you define policies that limit administrative privileges to what authorized users need to do their work.
Data Access Controls
Define rules that prevent any program (other than those you specify) to modify critical or sensitive documents or files. For example, a rule that allows only Microsoft Word application to modify .doc and .docx files will deny any attempt by ransomware to encrypt any such files. Even if ransomware gets onto a user’s system, it won’t be able to encrypt protected files.
This strategy effectively eliminates the ability of any ransomware to run, since no ransomware is trusted. It ensures that only known applications designated as trusted can run on any endpoint. With dynamic whitelisting, your IT administrators can create flexible, preventive policies to help ensure only known and trusted applications can execute on your systems.
We provide a range of security solutions, based on Ivanti and Symantec, to help businesses meet their endpoint protection needs. To discuss this or other cybersecurity needs, call us at +233.54.431.5710 or write to firstname.lastname@example.org.
Apotica, headquartered in Accra, Ghana brings together the best information and communications technologies to help clients grow, compete and serve their customers better.