The fact of the matter is that over the last several years, ransomware and online crime in general have become a business, and an extremely profitable one at that. They analyze their business just like any other business owner would. They have discovered focusing on the lowest hanging fruit is very effective. Most ransomware attacks are facilitated through cracks that could have been filled beforehand but weren’t.
Business Beware: 5 Things You Can Do Right Now to Protect Your Business from Ransomware Attacks
It’s Not My Fault, It’s Default. Look around your office. We have so many devices on our network computers, printers, scanners, cameras, backup devices, etc. How many times have you added a device and literally just plugged it in utilizing the default settings? Talk about an easy point of entry for a hacker. The security settings need to be managed for every single access point; especially the seemingly harmless one.
People. People. People. Our team members are absolutely the strongest asset in our organization. When they are not trained regularly in cybersecurity, those same team members can become a ticking time bomb. We need to give our team members the tools that they need to be successful in protecting your organization. Any business is literally one click from a team member away from a very bad day. Just one.
Back it Up. Backing up information is an area that many organizations don’t pay attention to until they find out they have an issue. All businesses, regardless of size, need to be sure to have a system in place for backing up their critical information. Backups should be stored in multiple locations and should be tested regularly to ensure they are in working order and capturing the right information. The best defense is a good offense.
Isn’t Going Viral a Good Thing? Antivirus software is always a hot topic. Time and time again when we go to meet with businesses, we run into people who are using free, outdated, or just plain old expired antivirus software in their business. Every business should be using Endpoint Detection Response as opposed to file-based storage. An EDR is looking for an action as opposed to scanning a database of file names which is constantly changing. You need a provider that is monitoring and analyzing to be able to quickly evaluate and respond. Hence, the R in EDR.
Factor it In. As you go through the process in the next year of renewing your cybersecurity insurance policies, you are going to notice a requirement for your organization – MFA. Multifactor-authentication is simply the requirement that a user provides two or more verification factors to gain access. If this is not something you have implemented in your organization, you need to. Any software, online-based application, social media site, etc. that allows for multifactor authentication should be enabled.
For business owners, the days of loading a miscellaneous antivirus software on their office computers and calling that protection are over. All businesses need multiple layers of advanced protection. Every single aspect of our businesses require a plan of action and execution to be successful. This is no exception.
Create a plan or plan to fail.
Call our office at 720.746.9763 to schedule your risk assessment today!