Here is a list of 12 things you should be doing to stop ransomware from killing your business.
1. Application Whitelisting
Most employees use between 5-10 applications to perform their job functions. Despite that, operating systems are pretty much left wide open, so any application, malicious or otherwise, can run, leaving your business vulnerable to zero-day or newly trending malicious software, including ransomware. By not restricting what can run, you leave yourself exposed to vulnerabilities or the misuse of legitimate software. Antivirus software only attempts to block the bad stuff, and oftentimes it fails. If you start with a default-deny approach, any application that has not been explicitly approved will be blocked, regardless of whether it is known or unknown malware.
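The difference between the two models, as an added example that is not ThreatLocker's code: the same constructed files are judged by an antivirus-style denylist and by a default-deny allowlist. The file names, contents and the choice of hash-only rules are assumptions made for this sketch.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed samples: byte strings stand in for executable file contents.
WORD = b"constructed: approved word processor build 1"
BROWSER = b"constructed: approved browser build 7"
SAMPLES = [
    # (path, contents, note)
    (r"C:\Program Files\Office\word.exe", WORD, "approved app"),
    (r"C:\Program Files\Browser\browser.exe", BROWSER, "approved app"),
    (r"C:\Program Files\Office\word.exe", WORD + b" + injected stub",
     "approved path, modified file"),
    (r"C:\Users\amy\Downloads\invoice.exe", b"constructed: known malware",
     "known malware"),
    (r"C:\Users\amy\AppData\Local\Temp\upd.exe", b"constructed: new ransomware",
     "unknown malware"),
    (r"C:\Tools\remote-admin.exe", b"constructed: legitimate remote tool",
     "legitimate but not needed"),
]

# Denylist: hashes someone has already identified as bad.
KNOWN_BAD = {sha256(b"constructed: known malware")}
# Allowlist: hashes of the few applications staff actually need.
APPROVED = {sha256(WORD), sha256(BROWSER)}

def denylist_decision(data: bytes) -> str:
    """Default-allow: run everything except what is known to be bad."""
    return "block" if sha256(data) in KNOWN_BAD else "run"

def allowlist_decision(data: bytes) -> str:
    """Default-deny: run only what has been explicitly approved."""
    return "run" if sha256(data) in APPROVED else "block"

def compare(samples=SAMPLES):
    return [(note, denylist_decision(data), allowlist_decision(data))
            for _path, data, note in samples]

def exposure(samples=SAMPLES):
    """Count the non-approved files each model would let run."""
    rows = [r for r in compare(samples) if r[0] != "approved app"]
    return (sum(r[1] == "run" for r in rows), sum(r[2] == "run" for r in rows))

if __name__ == "__main__":
    for note, deny_model, allow_model in compare():
        print(f"{note:30} denylist={deny_model:5} allowlist={allow_model}")
    print("non-approved files allowed to run (denylist, allowlist):", exposure())
```

The modified file at an approved path is blocked only because the rule is tied to the file's hash rather than its location.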
2. Lock Down your Perimeter Firewall
Leaving ports such as RDP open to the internet is somewhat of a laughing matter on many Facebook groups, Discord channels, and other social platforms. It is not so funny, though, when you talk to businesses that have lost all of their data to a ransomware attack.
3. Add Dual Factor Authentication to Management Tools and Servers
Add Dual Factor Authentication to your RMMs, Antivirus, Remote Control Software, and any other platform that could allow access to both your and your customers’ systems.
4. Restrict User Access
It is nice to trust that your employees will not do something bad. However, far too many companies have colossal file shares that anybody can access. Even if you trust your employees, restrict access to files and folders based on what they need to perform their job functions.
5. Don’t Just Look for Malware, Look for the Footholds
6. Set Default Lockout Group Policies
7. Patch your Computers
8. Disable Macros
9. Use Secure Passwords
10. Monitor your Domain Admins Groups
11. Turn on the Windows Firewall
12. Don’t Make Users Local Administrators
Written by: ThreatLocker www.threatlocker.com