Recently, two media companies were hit by ransomware. In one case, the infection came from an unprotected employee’s laptop. In the other case, the malware source remains unknown. One company had their royalty system’s data files encrypted.
Ransomware is a form of malware. It infects your computer, encrypts your data, deletes the original data and demands payment to restore access to your files. Recovering from ransomware can be very expensive, in terms of money and time.
Small Company Ransomware Prevention
Step 1. Backup your data. Your data should be backed up to online and offline storage locations. If ransomware can’t access the backup files, it can’t encrypt them.
Step 2. Install internet security software. Here at Kensai we run Norton supplemented by Malwarebytes. Larger organizations will install software such as Symantec Endpoint Protection, Sophos Endpoint Protection or Cisco’s Meraki MX with an Advanced Security License.
Step 3. Activate automatic Windows updates.
Step 4. Update your computers to Windows 10. Windows 10 is more secure than older Windows versions. Older versions of Windows may not receive security updates.
Larger Company Ransomware Prevention
In addition to the steps listed above, here are a few malware protection steps that larger organizations often implement.
- Implement two factor authentication to restrict user access to specified folders. Two factor authentication requires something that you know; a password, and something that you own; a cell phone is one example, that receives an access code, to enable access.
- Limit user access to shared drives and folders. Ransomware can only encrypt files that a user has access to. At Kensai International we recommend that only employees with a need to access royalty information should have access to the royalty data folders.
- Configure the application control policy to whitelist only approved applications and blacklist everything else. Employees can run only approved applications.
- Disable auto-play and auto-run on all workstations.
- Install hardware firewalls. Deploy cloud managed security appliances with security software licenses to offices (example: Meraki MX65W) and remote workers (example: Meraki Z3). Hardware firewalls stop malware at the network perimeter.