The recent large scale, global cyber-attack known as wanna cry, has been a big wake-up call for business owners around the world.
This attack was effective in its use of a Ransomware virus, which is an extremely devastating type of virus that once activated, has a mission to encrypt any file it can get its hands on, thus locking you from your data. Once complete the virus then gives you the opportunity to pay a ransom to regain access to these files.
We have complied a short list of essential steps and precautions to protect your business from these types of attacks.
- BACKUP! An effective backup strategy is paramount to your businesses ability to recover from a Ransomware attack. a 3-2-1 backup strategy is the most effective means of ensuring your IT systems and data will be recoverable in a disaster recovery scenario. This means, 3 separate backups, on 2 different kinds of media, with 1 of these stored offsite.
- Anti-Virus. A fully up to date anti-virus is equally important when protecting yourself from Ransomware.
- Operating System. Keeping your IT environment up to date with the latest technology can be of great importance in protecting your organisation and data from attack. As technology progresses, companies such as Microsoft are constantly adding security features to their operating systems to mitigate from cyber threats. As a rule of thumb, the newer the better when it comes to the operating system.
- Email Filtering. The staggering fact is 99% of Ransomware viruses are transmitted via email, this statistic alone should be enough to convince you that investing in a proper mail filtering solution is one of the best things you can do to minimise exposure to malicous email. But if its not enough to convince you, these systems will also assist in minimising regular spam emails, as well as a whole host of other non-ransomware, but still extremely dangerous viruses.
- Education. This step is extremely important, in our experience, the weakest link when it comes to protecting a business from virus threat is education of staff. Staff should be educated on how to identify a virus in an email, website or document, and what to do if they believe they may be infected.