A reliance on data underpins the majority of global businesses today, and a data breach can bring an organisation to its knees. Recently, the multinational technology company Yahoo fell victim to hackers and a reported 500 million users were impacted and subject to ransomware.
Ransomware is a particularly nasty type of malware due to its quickly evolving and exploitative nature. It is also surprisingly diverse. For instance, one type of ransomware may work by encrypting common file types, deleting the originals and then demanding money from the victim to unencrypt, while another might systematically threaten to delete vital records over a specified time period until money is paid to the hacker.
The good news, however, is there are a few simple steps a business can take in order to protect itself from Ransomware.
Install Robust Firewall and Email Firewall Systems
Firewalls should be viewed as the first line of defence against unauthorised communications. If you picture your IT defence system as a 10th century army, the firewall system would be the foot soldiers, forming a protective shield around the central core (in this case your company data). Therefore, if your firewall is penetrated or not up to a high standard, your data is immediately put at risk.
Companies typically favour well known Firewall systems such as McAfee, Fireye and Fortigate to protect themselves and there is a considerable range of products available on the market. An area less frequently used however, are specific email firewall systems. Systems like Mimecast use the cloud to screen employee emails and identify anything potentially dangerous, it then sends the user an email prompt asking if they would like to receive or reject the email into their inbox.
Yusuf Yenegah from Microbyte urges you to be extra vigilant, “Firewalls do have their vulnerabilities however, and working alone they are not strong enough to detect and block Trojans and malicious software such as ransomware – This is where a strong antivirus programme comes in.”
Make sure Your Antivirus Solution is up to the Job
A good antivirus programme will actively seek out any harmful files or malware and destroy them before they can compromise your data, so it is vital to ensure they are durable and regularly kept up to date.
IT professionals will always recommend you keep Antivirus systems regularly updated. Most systems these days will notify you with an automated reminder when your system needs updating, but we are all guilty of occasionally ignoring these pop-ups when we are in the middle of an important task.
Ransomware is constantly evolving, so antivirus software needs to follow suit. Developers are continually striving to update their antivirus systems and pre-empt potential cyber-attacks.
Make regular back-ups of Network Files
Back up! Back up! Back up! It is prudent for a business to back up essential records once or even twice a day if they work with valuable data.
Backing up your files is the only way to ensure that a copy of your data remains safe if your system is contaminated with Ransomware, particularly as negotiating with the hackers more often than not leaves you out of pocket and does not lead to the safe recovery of your data.
It is also a good idea for businesses to regularly clear down any files held on a shared drive that is accessible to a group of employees as these can be more vulnerable that localised files.
Once backed up, files should always be stored in an alternate, secure location.
Educate Your Employees
Finally, one of the most important ways a business can protect itself against Ransomware is by getting their employees on side.
A company should deliver regular talks and seminars on IT safety and install a company culture of staying watchful and speaking up if they encounter any suspicious software or programmes on their computer. The majority of employees will know not to open doubtful attachments or hyperlinks in emails, however it doesn’t hurt to regularly drive this message home so that no one is caught off guard.
An effective way a business can ensure employees are clued up on a companies’ data policy is by assigning mandatory learning assignments. Litmos is an online training tool that uses video, text and audio content to educate individual users on company policies.
Finally, it is a good idea for a companies’ senior management team to work in close conjunction with the IT department to keep a close ear to the ground when it comes to ransomware attacks on other businesses (particularly those in a similar industry). A simple preventative method such as a mass email to employees letting them know the techniques that hackers are using can protect a company from an invasion. Forewarned is forearmed.