10 Security Measures: Part II

Ransomware is an ongoing concern for businesses worldwide. This is because it continues to be effective for the hackers behind these attacks. All it takes is one small mistake for them to get inside your network. This means that you must strengthen your defenses.

Ransomware Security

So what can you do to stay safe?… In Part I of this series we discussed 5 ways to protect your business from ransomware:

  1. Back-Ups
  2. Passwords
  3. Firewalls
  4. Multi-Factor Authentication
  5. SIEM.

If you missed Part I, click here to view what we discussed.

Below is Part II of “How To Protect Your Business Against Ransomware.” We discuss the remaining five IT solutions that you should implement.

6. Anti-Virus.

Make sure you use a managed anti-virus solution that includes a centralized dashboard, and make sure the anti-virus is installed on all of your computers. From the dashboard your IT team can view the status of your computers. The anti-virus you use should also have notification capabilities that alert you when a virus enters your IT system. This type of anti-virus protects against:

  • Viruses that have the ability to damage or destroy files on a computer system and are spread by sharing an already infected removable media, opening malicious email attachments, and visiting malicious web pages.
  • Worms which are a type of virus that self-propagates from computer to computer. Its functionality is to use all of your computer’s resources, which can cause it to stop responding.
  • Trojan Horses which are computer programs that are hiding a virus or a potentially damaging program. It’s not uncommon that free software contains a Trojan horse making a user think that they are using legitimate software. Instead, the program is performing malicious actions on their computer.

7. Tools.

Remote Monitoring & Management, or RMM as it is also commonly known, is a collection of Information Technology (IT) tools that are added to a network consisting of servers, infrastructure devices, and workstations. These tools gather information regarding the hardware, operating system and applications that are on the monitored network.

RMM monitors your workstations and devices for reliability and security and provides patches and updates as soon as they are released to protect your computers from viruses. Vulnerable applications and operating systems are the targets of most attacks. It also ensures there are no spikes on your CPUs (Central Processing Units), that all definitions are updated, and that your hard drives are performing optimally.

8. Dark Web Monitoring.

Dark Web Monitoring keeps you abreast of whether your personal or company information has been compromised, how much damage this could cause and how to remediate it. It notifies you if your credentials are on the Dark Web (where hackers go to buy and sell stolen data). If this happens, you can react quickly and change your passwords to prevent future threats. Sometimes credentials get compromised because your employees use their passwords to access data from a home computer that’s been hacked. Dark Web Monitoring alerts you if your data has been stolen from any device no matter where it is.

9. Periodic Assessments.

As you know, it’s essential to set up your IT network properly. But from time to time, it’s important to conduct an assessment to ensure it’s still set up the way it should be. Things can change when hardware and software are added or replaced. You must ensure an IT professional assesses the health of your IT network quarterly (or at least once a year). He’ll make sure all things are still set up correctly, and policies are being followed.

10. Security Awareness and Training.

Even if you implement the 9 measures that we discussed in both Part I and Part II of this series, there’s one major weakness in your IT security posture that you must address. You must train your users to be aware of and know how to deal with cybersecurity threats, and how to use computers securely. They should be trained regularly so they won’t fall into the traps that hackers set for them. There are Security Awareness packages that your IT provider can provide that will educate your users and test them regularly on their performance. This is software that conducts regular simulation attacks where your users will receive fake phishing emails to see how they handle them. If an employee fails the test, they are automatically enrolled in an education session to teach them what to do in a particular situation. Your management will receive regular reports on their progress.

A ransomware attack can shut down your business for weeks. For some the aftermath can wreak havoc for their reputation, resulting in legal implications and even closing their doors for good. If you have any questions about how to protect your business in or around Chicago, contact the IT security specialists at Infiniwiz.

Want to stay up to date on the latest IT news and info? Check out our Blog. We publish educational information every month.