7 Ways to Prepare Your Business for Ransomware Attacks

March 4, 2021

As you may have read in the news, ransomware attacks continue to be a top security concern for businesses. Making this more difficult, these attacks have been evolving. There have been a fair number of complex ransomware attacks lately. The attackers take their time, determining a path through a network to ensure maximum damage.

While there are many security products available to help, many times keeping up with routine administrative functions would potentially have prevented the breach or greatly increased the recovery capabilities. While prevention systems are still critical, businesses need to adopt a detection and recovery paradigm. This means ensuring proper business continuity and disaster recovery processes are in place and tested to aid in recoverability.

Quick hits that can drastically reduce your risk of ransomware attacks

  1. User account security
     - Audit and clean up unnecessary admin accounts
     - Change admin passwords frequently
     - Eliminate the use of shared accounts and passwords wherever possible
     - Change root passwords on non-domain-joined systems such as switches, routers and hypervisors
     - Utilize secure password management software to prevent insecure storage of passwords, such as Excel documents and sticky notes
     - Verify passwords comply with password complexity best practices
  2. Install multi-factor authentication for all accounts, especially when used for remote connectivity and access to cloud services
  3. Install and verify daily status of anti-virus and anti-malware services
     - Review and verify proper policy settings
     - Review and verify policy enforcement
     - Review and verify thorough deployment on all business systems and user devices
  4. System vulnerability patching
     - Ensure critical and security patches for Windows servers and desktops are being applied regularly
     - Review network and server hardware firmware for any known bugs and security vulnerabilities
  5. Review and strengthen firewall settings
     - Review all policies and tighten them to essential business needs
     - Enable geo-blocking
  6. Protect backup and recovery systems—ensure backups are running regularly and test your recovery ability.
  7. Collect system logs
     - Install a logging server to collect logs from all servers and network devices to aid in both detection and post-breach forensics and recovery.

This is not intended as an all-inclusive list, and following these steps does not guarantee protection from ransomware attacks. Businesses need to adopt a plan that is tailored to their unique business situation.

EDCi is available to review and discuss your security response plan and help ensure maximum protection and recoverability.

