Since the start of the COVID-19 pandemic, cyber threats and ransomware attacks have accelerated, exceeding 30,000 attacks per day in the US. Cybersecurity measures have never been more important. The move to remote working environments as well as the vulnerability of global economies in crisis has created an open-season for cybercriminals. No business—big or small—is safe.
Small and medium businesses (SMBs) seemingly have a target on their backs, so strengthening your security posture is essential right now. The good news: There are ways to protect your business against ransomware attacks.
Here are nine tips you that boost your business’ resilience to cyber attacks:
Communicate & Educate
1. Conduct a security risk assessment. Understand potential security threats (e.g., downtime from ransomware) and the impact they may have on your business (lost revenue). Use this information to shape a security strategy that meets your specific needs.
2. Create straightforward cybersecurity policies. Write and distribute a clear set of rules and instructions on cybersecurity practices for employees. This will vary from business to business but may include policies on social media use, bring your own device, authentication requirements, etc.
3. Train your employees. Because cybersecurity threats are constantly evolving, an ongoing training plan should be implemented for all employees. This should include examples of threats, as well as instruction on security best practices, and periodic testing.
Prevent & Protect
4. Protect your network and devices. Implement a password policy that requires strong passwords and monitor your employee accounts for breach intel through dark web monitoring. Deploy firewall, VPN, and next-gen antivirus technologies with advanced threat protection. Ensure your network and endpoints are not vulnerable to attacks. Implement mandatory multi-factor authentication. Ongoing network monitoring is essential, as is encrypting hard drives.
5. Keep software up to date. Be vigilant about patch management. Cyber criminals exploit software vulnerabilities using a variety of tactics to gain access to computers and data. Your IT provider should automate this for your businesses with a remote monitoring and management. Keep your mobile phones up to date as well.
6. Back up your data. Daily (or more frequent) backups are a requirement to recover from data corruption or loss resulting from security breaches. Consider using a data protection tools that take incremental backups of data periodically throughout the day to prevent data loss. Remember that you need to protect your data in the cloud as well as you protect your data on local servers and workstations.
7. Know where your data resides. The more places data exists, the more likely it is that unauthorized individuals will be able to access it. Use data discovery tools to find and appropriately secure data along with business-class Software-as-a-Service (SaaS) applications that allow for corporate control of data. Eliminate redundant and “Shadow IT” services.
8. Control access to computers. Use key cards or similar security measures to control access to facilities. Ensure that employees use strong passwords for laptops and desktops. Give administrative privileges only to trusted staff as needed.
Respond & Recover
9. Enable uptime. Choose a powerful data protection solution that enables “instant recovery” of data and applications. In fact, 92% of managed IT service providers report that companies with business continuity disaster recovery (BCDR) products in place are less likely to experience significant downtime from ransomware and are back up and running quickly. Application downtime can significantly impact a business’ ability to generate revenue. Can your business afford downtime costs that are 23X greater (up by 200% year-over-year) than the average ransom requested in 2019?
The best defense is a good offense. A robust, multi-layered cybersecurity strategy can save your business. Contact us to learn more and for a free Cyber Security Assessment.