Monthly Business Continuity Tip: 14 Tips to Protect Your Business from Ransomware Attacks
used with permission from Microsoft US Small and Midsize Business Blogwith permission from SBA.gov
by Natale Goriel
Every company is in the relationship business. The best way to serve customers and move your business forward is to work better with others towards a common goal. Collaboration (both offline and online) is one of the most important driving forces for continued growth in any business; small or large.
Collaboration lays a foundation for better teamwork. Effective and meaningful collaboration is much more than just ‘working together,’ and employees who collaborate better are able to work towards providing new and superior solutions to customers they serve.
Employees are part of a greater whole, and working together is the only way business goals and visions can be achieved. Your employees are more likely to continue working with you when they have strong connections and relationships with the people they work with and feel they’re a part of something bigger. Collaborating isn’t easy for everyone, but it will, over time, get your business to a much better position to innovate.
The right collaboration technology can have a significant impact on your business
Collaboration tools are changing the way we work. Collaboration based on cloud technology is fast becoming a permanent feature of the contemporary workplace. The popularity of online tools and platforms have helped reinforce the benefits of collaboration for businesses. Many organizations from all industries are turning to technology to eliminate physical barriers and enhance business growth.
With different business communication products and services ranging from email to project collaboration to storage, including Outlook, Office 365, Teams, Yammer, SharePoint, Skype and OneDrive, Microsoft allows Ransomware attacks are the fastest growing malware threats. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. Ransomware, a type of malicious software that infects and restricts access to a computer until a ransom is paid, affects businesses of all sizes. The good news is that there are best practices you can adopt to protect your business.
- Implement an awareness and training program. Because end users are targets, employees should be aware of the threat of ransomware and how it is delivered.
- Enable strong spam filters to prevent phishing emails (an attempt to obtain sensitive information electronically) from reaching employees and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
- Scan all incoming and outgoing emails to detect threats and filter executable files (used to perform computer functions) from reaching employees.
- Configure firewalls to block access to known malicious IP addresses.
- Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
- Set anti-virus and anti-malware programs to conduct regular scans automatically.
- Manage the use of privileged accounts based on the principle of least privilege: no employees should be assigned administrative access unless absolutely needed and those with a need for administrator accounts should only use them when necessary.
- Configure access controls—including file, directory, and network share permissions— with least privilege in mind. If an employee only needs to read specific files, the employee should not have write access to those files, directories, or shares.
- Disable macro scripts (tool bar buttons and keyboard shortcut) from office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full office suite applications.
- Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs, including the AppData/LocalAppData folder.
- Consider disabling Remote Desktop protocol (RDP) if it is not being used.
- Use application whitelisting, which only allows systems to execute programs known and permitted by security policy.
- Execute operating system environments or specific programs in a virtualized environment.
- Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units.
Visit the U.S. Computer Emergency Readiness Team website for additional information on how to protect your business from ransomware attacks.
Editor’s note: Best practices provided by the U.S. Government interagency guidance document, “How to Protect Your Networks from Ransomware”.