Small Business Alert: Here’s How to Reduce the Risk of Malicious Technology
Governments and healthcare aren’t the only organizations hit with ransomware — small to mid-size businesses are huge targets. See how to reduce risk and recover after an attack.
1. Robust Backup and Disaster Recovery Strategy
One of the most important things that you can do as a business leader is to immediately deploy a robust backup and disaster recovery strategy. This includes ensuring that your backup meets the needs of your business; while some organizations need a near real-time backup, others are able to manage with a backup every five minutes or so. It’s a fine balancing act between the potential data loss and the cost of ensuring that every single transaction and change to your data is captured. More stringent backup measures are often required to remain compliant in the financial, healthcare and legal fields.
2. Deploy Proactive Security Measures
The best defense starts with proactive security measures that stop the majority of these attacks before they make it near your sensitive business systems and customer information. Content scanning programs and tough email scanning strategies can help reduce the possibility of falling victim to a ransomware attack. As you’re setting up email scanning, keep in mind that even the most innocent-seeming attachments from an unknown source could prove to be dangerous.
3. Ongoing User Training
Ensuring your users fully understand the potential damage that can be caused to the organization by an accidental click on the wrong link or attachment is mission-critical. Studies show that 96% of ransomware attacks originate in email boxes, with employees much more likely to fall victim due to social attacks than actual system vulnerabilities. While the majority of staff members do not click on malware when it comes in email form, there are still enough taking the bait and allowing cybercriminals to gain a foothold within the organization.
With phishing emails being the top delivery system for malware in 2019, education should extend far beyond not entering your username and password on a dicey website. Any simple file attachment, such as a Microsoft Word, Excel or PDF file, could easily be infected. If you open a file that arrived via email and it requests a login and password, think twice before taking that step. Common sense and awareness are the best ways to reduce the spread of ransomware. Be sure users know the trick of hovering over an email address to confirm that the text of the address and the actual address are the same. Even an email that appears to be from a trusted internal source could be a spoofed email posing as something more benign.
4. Maintain Antivirus and Anti-Malware Software
Simple antivirus and anti-malware software should be installed not only on your desktop computer and laptop but also on your mobile devices. Think of antivirus software as similar to a flu shot: you’re never completely sure which strain of the flu will be the priority for the year, but taking the flu shot still improves your chances for survival. Antivirus software isn’t a perfect solution, but it certainly adds a level of protection for your business.
5. Keep All Patches Current
If you’re on a Microsoft platform, patch maintenance is a vital part of your cybersecurity strategy. At the end of January 2020, Microsoft will no longer support Windows 7, meaning the patches will no longer be available. Every time Microsoft releases a new patch, it might as well be a blueprint for cybercriminals to look for vulnerabilities. If you haven’t applied the provided patches, your system is fair game for predators looking for an easy win.
6. Ensure Your Remote Connections Are Secure
Your staff members should always be aware that public WiFi is a dangerous proposition. You can’t trust that the free coffee shop WiFi is fully protected, and you should never connect to secure sites from a connection that is less-than-secure. Surfing the web for basic information may be fine, but even social media sites can be dangerous because anyone can capture your password — which might be used on other sites.
7. Limit Connections to Social Media and Streaming Sites
Are you seeing a bit of a productivity drain from your staff, but can’t figure out what’s happening? You might be surprised to learn the amount of time that people spend on social media and streaming video sites on a daily basis — much of it during working hours. Even staff members with the best of intentions can be distracted while looking up a quick video, and look up only to realize that 30 minutes or more has passed by and their productivity is quite a bit lower than expected for the day. DNS filtering software not only helps reduce the possibility of a cyberattack but can also block social media and other ‘sinkhole’ sites from your staff.
There are no easy ways to manage ransomware other than having an excellent backup. Most security professionals do not recommend paying a ransom, but without a secure backup that is easily accessible, you may not have other options. If you’re concerned that there are security issues in your business, it’s imperative that you contact a professional who has experience providing superior cybersecurity support. At LAN Infotech, we work with organizations of all sizes to ensure that your business data and applications are fully backed up and secure. Contact us today at 954-717-1990 for a free initial consultation, or fill out our quick online form for more information about how we can keep your business safe online.
LAN Infotech is a Microsoft Cloud Services Provider, an IT managed support company, a top technology management company and a leader in helping law firms, nonprofits and medical organizations deploy cloud solutions, manage computer networks and keep data protected. Businesses like yours need technology support to run highly effective organizations.