Posted: 21st October 2022
Whether you run a large corporate organisation or an SME, it’s important to do all you can to protect your business from ransomware. From 2020 to 2021 alone, ransomware-related cyber attacks rose by a shocking 82%.
And it’s not just the financial devastation that causes damage to those who fall victim. Businesses often suffer double extortion and find their stolen data leaked or sold online, causing irreparable damage to their reputation.
This double extortion tactic by cyber criminals now means businesses need more than robust data backups and disaster recovery to bounce back. It takes a multi-layered approach to combat ransomware.
Protect your business from ransomware with these 4 steps
There is no one solution to protect your business against ransomware. But put these methods together and you significantly increase your chances of avoiding an attack.
#1. Email Security
With phishing being the number one threat vector, a secure email system is a must. For your email security to be robust, you should have DMARC, SPF and DKIM implemented within your domain. In addition, you should have an email security solution in place. Many such solutions use AI technology to block phishing emails from ever landing in users’ inboxes, eliminating the human-error risk.
Finally, all employees should be given periodic cyber security awareness training that will help them identify and report potential phishing activity. Armed with knowledge and understanding, your teams are one of the most important layers of protection you have.
#2. Multifactor Authentication and Passwords
All users should set long, complex passwords that are unique to each system they use, and should understand why this matters. It’s easy to cut corners when it comes to passwords, especially when employees need to access multiple systems in a day. But failing to follow password best practices can put your business at the greatest risk. Password managers and additional authentication methods can be introduced to support users. With these in place, your team members will only need to recall one password to access the others they need.
Multifactor authentication should also be activated on all accounts. It’s a quick win as far as security methods are concerned and is believed to prevent 99.9% of account compromise attacks.
#3. Patch Management
Many users will delay software updates due to the inconvenience of having to restart their PC. But these updates regularly include vital security patches, and missing them can leave your network vulnerable to a cyber attack. Updates can be forced using a Mobile Device Management solution. Alternatively, you can put your patch management in the hands of a Managed Service Provider who will ensure all updates are performed out of hours so as not to disturb productivity.
#4. Endpoint Detection and Response (EDR)
The strongest way to protect against ransomware and double extortion is to focus on entry points. An EDR solution will detect and stop most ransomware variants should they make it through email security and a malicious file is downloaded. See it as the attackers’ ‘end-of-level baddie’ if they make it past all other security layers. An EDR solution is one you hope you never need, but if you ever do, you’ll be glad you had it.
Cyber security is our speciality
Our proactive approach to cyber security means your systems are constantly monitored in the background while you focus on your daily business. Regular cyber security audits are carried out as standard for all of our clients based on the 5 key controls laid out by the Government-backed Cyber Essentials initiative.
We also ease the pressure of keeping up to speed with the latest cyber crime developments as we do that for you. To find out more, drop us a line – we’re waiting to share our expertise with you.