The internet has brought enormous positive changes to businesses the world over but in its wake has followed the scourge of malware. Large enterprises can often ride out the damage caused by malware but for small businesses infections can cause untold damage and even take a business down.
- Ransomware is one of the most deadly of all these malware threats; it infects a system, encrypts your personal and business files and demands a ransom.
This blog describes best practices, non-technical steps, small businesses can take to safeguard themselves against ransomware infections.
Multiple back up versions
We all know that backing up data is important; it shields you from a large number of potential problems. Unfortunately, ransomware creators can target not only the data you use in your day to day activities but also your backup data.
- State-of-the-art ransomware will infect and encrypt not only the original device that is infected but also propagate in your network to infect and encrypt shared network drives and other devices. It can also attack your network, as well as your cloud data.
- With this in mind to prevent data loss, data backups should have file versioning enabled, which creates multiple versions of files.
- This can be set up on an on-premise server. However, servers are expensive and require an on-site employee to manage or a service plan from a managed service provider. It also requires a serious internet, and typically expensive, connection plan.
- The cheaper option is to store your data in the cloud. If you don’t have the expertise to set up a complex cloud backup solution, with file versioning, reports, scheduling, and better encryption methods, there are several providers that offer cloud backup solutions.
It’s important to restrict data access to only those with a legitimate business need. A good practice is to have role-based access control with levels of permissions according to who needs access to which data. For instance, salespeople don't need to access to HR data and so on.
The concept of zero trust
- A user should only have access to files and actions appropriate to their role.
- This prevents unauthorized access to different network folders and can help stop an infection spreading to the business’s core network.
- The same access control rules should apply to both the local network and data stored in the cloud.
This is a concept that should underlay the creation of data access controls. Internet cafes use it. They restrict access to applications, system files, and administrator privileges.
Enable multi-factor authentication on company accounts.
- It helps prevent a system from being infected, is usually easy to configure and can also be configured to help prevent employees from accessing content that is not related to work.
Most people have a hard time remembering a lot of passwords and typically use the same passwords over and over.
- A good practice is to use a password manager; you just need to remember a single master password, then you have access to all passwords on all accounts.
However, this measure doesn’t protect you if someone with malicious intentions obtains a username/password combination via a brute force attack or identifies and exploits a vulnerability.
Remote Desktop through VPN
- Multi-factor authentication (MFA) defends against this. With MFA you need to verify your identity again, after logging into a service with a username/password combination. This secondary identification is via phone, another email address, or an authenticator app like Google Authenticator, Authy and so on.
- Most major service providers offer this authentication method and although it needs to be configured, this is a step even an inexperienced user can easily take. As such deployment in your business should be fairly easy.
- With MFA you are ensuring that even if a username/password combination is stolen, it cannot be used to steal precious data.
Increasing numbers of people are working remotely. Whether at home or on a business trip, employees need access to company resources to do their job. However, remote connections can be exploited by malware and hackers.
- To protect your network and employees from attacks, set up a VPN connection and ensure your employees only connect to company servers and resources while connected to the VPN.
- This shields you from man in the middle attacks as well as ransomware and other types of malware.
Updating your operating systems and applications needs to be done as soon as updates become available.
Most common causes of ransomware infections
- Sometimes this isn’t always possible with some applications. This should be considered a vulnerability that needs to be addressed. You can do this by either taking the devices which cannot be upgraded onto a separate virtual network, or even offline and then patch.
- Another approach is to consider virtual patching, which prevents an attack, without the actual need to patch the application.
There are five infection danger areas that need to be considered:
Practical and easy-to-manage defenses
- Email attachments
- Malicious links
- Downloads such as free software
- RDP attacks that exploit unsecured remote connections to Windows systems
- Malicious websites
If you’re using BullGuard Small Office Security
you have little reason to worry. It protects all end-user devices with award-winning protection and is designed specifically for small businesses.
- It’s extremely simple to use, all devices are managed centrally and simultaneously via a cloud portal so you can update all devices at the same time, lock down individual devices if they are lost or stolen and carry out other management functions.
- It’s also easy to install, a link is sent to each employee via email, the link is clicked and the software downloads.
Having good security policies in place such as early notification threat processes and employee education how malware infiltrates computers, bolsters your security application and provides the best possible protection.
Free three-month offer
- If your business is affected by ransomware, you need to take the infected device out of your network and contact BullGuard Support immediately. The sooner action is taken, the better the chances of minimizing damage.
- Our agents are prepared to provide assistance on infection removal and data recovery (if possible) and will guide you towards the next steps in restoring your device and network security.
For small businesses who don’t have BullGuard we’re offering a free license for three months to help secure all computing devices whether in the office or used by remote devices.
It’s a strictly no-strings attached offer, payment details are not required, to help small businesses secure their operations and remote employees during these uncertain times.
You can find out more and download BullGuard Small Security Office at this link