Protecting your business from Ransomware (Part 1)
You’ve seen the headlines “Huge company hit with ransomware — pays millions”. If you are lucky, your only experience with ransomware will be reading headlines. Unfortunately, small businesses get hit with ransomware more often that big businesses.
Why? Its simple. Big businesses have large teams of IT professionals with the job of protecting them. Small businesses tend to hope they don’t get hit — vs doing anything proactive to prevent such attacks. Or, they think the criminals will overlook them because their small. But, cybercriminals are not (as a rule) dumb. They know the big businesses have better protection. So, small businesses make easy targets. Unless they take some simple steps to make themselves much harder targets. Simple steps like:
- Run good anti-everything software
- Have a good backup and disaster-recovery (BDR) plan
- Make sure your employees practice ‘safe surfing’
Run good anti-everything software
Almost everyone runs antivirus software. Modern versions of Windows and MacOS devices all come with built-in antivirus. You can think of antivirus as being software that detects known threats. You’ve probably received a reminder to update the “signatures’ your antivirus program looks for.
For better protection, you need anti-malware and anti-phishing software.
Antimalware is similar to anti-virus – but more predictive — looking for more than known threats and helping to protect your computer based on heuristics, or learning patterns. Antimalware protects you from viruses — and lots of other kinds of cyber attacks.
Anti-phishing software looks for the signs of phishing (a type of social engineering attack that tricks users) in websites, emails, or other programs and provides a warning or actively prevents users from navigating to malicious sites or opening emails or attachments.
Anti-everything software includes all-of-the-above in a single application or set of related applications. The anti-virus/malware portion of the software proactively protects your computer from viruses and malware like trojans, adware, and spyware. The anti-phishing portion protects your email and browser from social engineering attacks.
Even better protection
For individuals, there isn’t much more to it than getting a good endpoint protection program (the more formal name for anti-everything software). For a business, you can protect your organization, employees, and customers a bit more. One of the best ways is to improve your protection, add some monitoring to your endpoint protection. This is particularly important for servers, which do not typically have interactive users accessing the device everyday. Business-oriented anti-everything, like Trend Micro Worry Free services from Tellus Consulting, let you monitor the effectiveness of the endpoint protection software installed on your users’ computers. You can get notifications when a user is hit with a virus, spyware, or phishing campaign. Software like Worry Free services can also help with investigation and remediation of attacks.
The challenge for a lot of businesses when it comes to endpoint protection of course is time and expertise. As the owner or manager, you’ve got other worries — like sales, client service, payroll, and more. This is where security-as-a-service comes in. When Tellus Consulting provides Trend Micro’s Worry Free services to its clients, we also include monitoring of the software. We help your users respond to attacks and investigate the results. And, we provide you with additional suggestions for how to improve your organization’s defensive posture.
Want more information?
Contact us today to get more information about Security-as-a-service from Tellus Consulting.
Part 2 – Have a good backup and disaster-recovery (BDR) plan
Check back later for Part 2, where we discuss BDR solutions.