June 18, 2016
Checklist: 4 Ways to Prevent Ransomware

In our last article we defined what exactly ransomware is and how it’s becoming one of the top threats to small and
medium-sized businesses in 2016. Now we examine ways to prevent ransomware that don’t involve unplugging your PCs and
servers.
The best offense against ransomware is a good defense. Ransomware doesn’t have to be one of your company’s worries if
you put the correct preventative measures into place. In fact, there are 4 things to implement now to avoid being the
ransomware hacker’s next victim.
1) Strong Prevention Security is required to keep hackers from being able to infiltrate and encrypt
your data.
This includes:
- Strong email security with real-time reputation inspection, anti-spam, anti-malware, and anti-phishing
- Strong corporate-level endpoint security including APT, advanced malware detection, application whitelisting, and
C&C awareness
- Use “server specific” endpoint security on your servers. Server protection is different than desktop security
- Restriction of unapproved program execution (user controls).
- Aggressive patch management on all system files and applications.
- Strong gateway security (UTM firewall with APT, anti-malware, application control, IDS, web filter, SSL, reputation
checking)
- Some form of APT solution for firewalls, networks, email, and endpoints.
- “Defense in depth” security strategy with overlapping protections (such as gateway + endpoint + network).
- Use security experts for:
  - Secure setup. Inappropriate setup provides poor security even with great security products
  - Ongoing security management (configuration changes, updates, maintenance, monitoring, compliance)
  - Training on phishing (regular surprise phishing drills) and education
2) Unified Security Monitoring (SIEM)
Having the infrastructure in place to prevent an infiltration allows you to keep hackers at bay, but these
systems don’t provide integrated security monitoring of evolving and intelligent threats, such as ransomware.
Security monitoring continually scans and analyzes activity on your infrastructure, combining malware and
C&C detection, file integrity monitoring, IDS, vulnerability scanning, alerting, prevention and forensics.
It enables you to put not only the gate in front of your data, but the watch guards as well.
3) Server Monitoring
Finally, you should strongly consider employing server monitoring software to al