6 Ways To Improve Ransomware Protection

May 2, 2022

I understand. You’ve got a business to run. Your focus is on keeping the cash flowing so you can pay your staff or go on that vacation of a lifetime.

But, sometimes you wonder if you’re doing all you can to protect the interests of your company and customers. You keep hearing about ransomware hitting other companies.

And you wonder if you’re doing the right things to prevent ransomware at your SMB…

It’s easy to overlook some of the fundamentals of protecting information about the customers and your company. Take a look at these 6 fundamental changes you do right now to help reduce your risk. I can’t guarantee complete protection because there are always new attacks being developed.

  1. Change all default passwords to be unique and strong. You’ve probably got a network and/or wireless router. You’ve probably got a network attached printer. Maybe you’ve got a network file storage device. You’ve probably got other things on your network. They all have default passwords that are easily found with a Google search. And the Bad Guys know what they are! If a Bad Guy can log into your Internet router with a default password, they can compromise your entire network. Make that change!
  2. Patch your computer systems and software. All software have weaknesses. The Bad Guys are really good at finding the weaknesses (tech folks like to call these vulnerabilities). When Microsoft (or any other system/software provider) issues updates, they are usually fixing vulnerabilities. Bad Guys use these vulnerabilities to gain access to the computers systems. Then they are able to access other devices on your network. You should turn on the ability of your computers and software to check for and apply updates automatically. If you have devices that don’t check automatically, log into them monthly and check for updates. Make that change!
  3. Be sure antivirus software is installed, active, and updated. Often, precursor malware is installed. And often antivirus software catches that and keeps it from being installed. You should be running antivirus software on your computers. It is a basic first line of defense. If you find computers that do not have antivirus running, you should enable it. Make that change!
  4. Maintain offline, encrypted backups. For years we’ve talked about the importance of backups in the event your computer fails. In the context of ransomware, these backups are even more important. Even more important is that these backups need to be offline. The risk is that if they are attached (either directly or via network) the ransomware infiltration will find and delete the backups! So, to the cloud is often a good solution. You can find some good personal and SMB cloud backup solutions with a Google search. You won’t regret this. Make that change!
  5. Understand how to recognize risky email. Email is a primary vector for ransomware infection. You get an email from the Bad Guys that has a malicious attachment or has a link to an infected website. This attempts to then run the ransomware. Game over! Take steps to train staff in recognizing phishing emails. Many email systems let you establish filtering of phishing emails at the server. Do that. Make that change!
  6. Enforce strong and unique passwords. Websites exist where you can find usernames and passwords from breached websites. You don’t want to use the same password on your social networks and your banking website. You should work hard to ensure that each website account has a unique password and is 14 or more characters long. The only reasonable way to do this is with a password manager. For an added layer of protection, you should enable multi-factor authentication on every website possible. This all takes a little work to set up, but the value you gain is immeasurable. Make that change!

Yes, there are more things you can do to prevent ransomware. But these foundational steps should be done. You won’t regret it!

You May Also Like…

Canopy.us for child safety

Canopy.us for child safety

How do we protect our children online? This is a common question from parents. There are numerous solutions available...

DIY Cyber Risk Assessment

DIY Cyber Risk Assessment

This is the second of two articles on Risk Assessments. The first part asked the question, Do I Really Need To Do A...