Checklist: 4 Ways to Prevent Ransomware


In our last article we defined what exactly ransomware is and how it’s becoming one of the top threats to small and medium-sized businesses in 2016. Now we examine ways to prevent ransomware that don’t involve unplugging your PCs and servers.

 

The best offense against ransomware is a good defense. Ransomware doesn’t have to be one of your company’s worries if you put the correct preventative measures into place. In fact, there are 4 things to implement now to avoid being the ransomware hacker’s next victim.

 

1) Strong Prevention Security is required to keep hackers from being able to infiltrate and encrypt your data.

This includes:

  • Strong email security with real-time reputation inspection, anti-spam, anti-malware, and anti-phishing
  • Strong corporate-level endpoint security including APT, advanced malware detection, application whitelisting, and C&C awareness
    • Use “server specific” endpoint security on your servers. Server protection is different from desktop security.
    • Restriction of unapproved program execution (user controls).
    • Aggressive patch management on all system files and applications.
  • Strong gateway security (UTM firewall with APT, anti-malware, application control, IDS, web filter, SSL, reputation checking)
  • Some form of APT solution for firewalls, networks, email, and endpoints.
  • “Defense in depth” security strategy with overlapping protections (such as gateway + endpoint + network).
  • Use security experts for:
      • Secure setup. Inappropriate setup provides poor security even with great security products.
      • Ongoing security management (configuration changes, updates, maintenance, monitoring, compliance)
      • Training on phishing (regular surprise phishing drills) and education

     

2) Unified Security Monitoring (SIEM)

Having the infrastructure in place to prevent an infiltration allows you to keep hackers at bay, but these systems don’t provide integrated security monitoring of evolving and intelligent threats – such as ransomware. Security monitoring allows you to continually scan and analyze activity on your infrastructure for malware, C&C detection, file integrity monitoring, IDS, vulnerability scanning, alerting, prevention and forensics. It enables you to not only put the gate in front of your data, but the watch guards, as well.

 

3) Server Monitoring

Finally, you should strongly consider employing server monitoring software to al
