The war against ransomware is real and everyone must be prepared for an attack on their data. The good news is that by preparing in advance, you can align to a framework that provides a reliable strategy when status quo operations are disrupted. To help you prepare, we’re outlining 11 tips that will help you prevent a ransomware attack. 

Tip #1: The human firewall

Technology alone can’t strengthen your organization’s cybersecurity posture. Amid the growing complexity and threat of cyberattacks, organizations must focus on building a multi-layered defense. This means that everyone must be aware of security risks and potential incidents and report anything suspicious. The importance of this human layer of protection lies in the fact that  

many breaches are due to employee error. Successful hacks are often caused by carelessness,  simple mistakes, or a lack of knowledge of cyber threats and cybercriminals’ practices. 

Knowing that phishing, remote access (RDP) and software updates are the three main mechanisms for entry by a cybercriminal is a huge help in focusing the scope of where you want to invest the most effort from an attack vector perspective. 

How cyber-aware is your workforce? 

Identify potential knowledge gaps within your workforce by running a cybersecurity awareness program. Evaluate your organization’s cybersecurity awareness maturity level by, for example,  using a phishing simulation program to uncover the current level of cyber awareness. 

Have you ever received an email asking you to click on a link to check the status of a package that you didn’t remember sending? Or one that asks you to click a link to confirm your password for an account? These both could have been — and likely were — phishing emails. 

A human firewall is an important layer of defense against ransomware of any type. By working together, we can identify threats, prevent data breaches and mitigate damage. The more employees you have committed to being part of the human firewall, the stronger it gets! 

Tip # 2 Have an always available and up-to-date business continuity plan (BCP)

Which processes are crucial for your organization? Who do you need to contact in case of  a business-disruptive event? Making sure that your business continuity plan (BCP) is always  available, even if everything is lost and locked down, is crucial for an organization’s survival. The best practice is to make sure that your BCP is stored in a separate location, is immutable and is available 24/7/365. A BCP should outline how a business will continue operating during an unplanned service disruption. Manual workarounds should be outlined in the BCP  so that operations can continue until digital systems and services can be restored. 

Tip #3: Tagging your digital assets 

Insight into which assets are critical to your organization and how to effectively protect them is vital in creating a successful cybersecurity response plan. Before you start protecting, you should identify and tag these assets to make the most effective plan. Tagging digital assets can mean the difference between having to look for a needle in a haystack and finding the specific asset you need with a simple search.

Tip #4: The human firewall—education 

Educating and training your staff about cybersecurity is a highly effective and efficient way to raise your protection level against ransomware attacks. Your organization is not full of security experts, so you need to provide basic knowledge and delineate the appropriate actions to take when faced with an incident. You also need to repeatedly test the effectiveness of your cybersecurity training programs. 

Many organizations only have security awareness training once a year, but this is unfortunately not enough. Human firewall training should be continuous, with employees receiving updates and new briefings as threats arise. People should also be educated on new issues whenever they change job titles. That cybersecurity muscle memory should be trained before a potential security incident. Remember: an informed workforce is your greatest defense and protection  

measure against ransomware. 

Tip #5: The 3-2-1 data protection rule 

The 3-2-1 Rule is an industry standard for how to protect data and it’s your ultimate line of defense in the fight against ransomware. This rule asks you to make sure you keep at least three copies of each piece of important data, store your backup data on two different media types and replicate one copy of your data off-site. 

Tip #6: Secure by design

Adding security to existing infrastructure is much harder and more expensive than just thinking about enhancing an existing infrastructure while you’re designing a new or refreshed infrastructure. In a virtual infrastructure, it’s good practice to build a master image that’s secured from the start. Removing all known attack vectors and only opening access when components are added and need specific openings or extra software to function properly, is a best practice. This way, all builds are consistent and kept up to date, which creates a secure baseline.

Tip #7: Keep it simple and straightforward principle (i.e., K.I.S.S.) 

Overly complex designs become harder for IT teams to manage, which makes it easier for an attacker to exploit weaknesses and stay in the shadows. Simpler designs that are easy to keep  track of are fundamentally more secure. Use the K.I.S.S. (keep it simple and straightforward)  principle for your designs. 

Tip #8: Principle of least privilege 

This principle means only giving a user account or process the privileges that are absolutely  essential to perform its intended function. The principle of least privilege is widely recognized  as an important design consideration that enhances the protection of data and functionality  from faults and malicious behavior. 

Tip #9: Segmentation 

Ultimately, all security is about protecting a valuable asset. In this case, it’s data, but that protection involves an in-depth defense strategy that includes all layers. To do a defense-in-depth strategy,  you should identify your most valuable data and build layers of defense around it to protect its availability, integrity, and confidentiality. Segmentation means dividing your infrastructure into zones where you group objects into logical zones by looking at the level of access needed, common restriction policies restrictions, and connectivity both in and out of that zone. 

A zone is an area that has a particular characteristic, purpose, use, and/or set of specific restrictions. By using zones, you have an effective strategy for reducing many types of risks. While securing your environment in a more granular and effective manner, you will lower the costs associated with it. Instead of protecting everything with the same level of protection,  you can now associate systems and information to specific zones. In addition, systems that are subject to regulatory compliance can be grouped in subzones to limit the scope of compliance checking, which reduces the cost and time needed to complete lengthy audit processes. 

Tip #10: Segregation of duties 

Segregation of duties is a basic building block of sustainable risk management and internal control for a business. The idea behind this is to spread the tasks and privileges for security tasks among multiple people. No one person should be able to control everything, which means that no one person has the ability to delete everything either. For example, one person should control the production environment, another person should control the backup environment. Even within backup practices, having a secondary and offsite (i.e., DR) copy of your data that is under different credentials and management control than the primary backup system is often considered a best practice. 

Tip #11: Digital hygiene 

In our day-to-day life, we take personal hygiene and cleanliness seriously. We all know that washing our hands helps prevent the spread of infectious diseases and keeping clean is a fundamental part of our daily routine.

We Are Ransomware Experts

Need help protecting your company from ransomware attacks? We’re here to help. Contact us online or give us a call today for a free consultation.