Given the recent worldwide ransomware attack suffered by organisations large and small, perhaps it’s time for a security health check of your organisation to ensure you are doing everything you can to avoid being a victim. Most attacks, whether they are ransomware, Trojans, or virus, rely on vulnerabilities that are well known and in many cases have been addressed or can be detected. Incremental Group put together a list of the main things you need to consider.
- Ensure your Operating Systems (OS) is updated and fully patched. At a minimum, apply critical updates immediately. Older OS are more vulnerable, whereas the latest versions address many historical issues.
- Ensure OS updates are applied automatically. Updates to your OS released by the manufacturer will close known vulnerabilities, usually before they are widely known. Older versions of OSs might not get these updates depending on their support status.
- Install a ransomware blocker. Not all anti-virus packages can address this danger, so a dedicated tool to safeguard against these treats is useful.
- Ensure your anti-virus protection is updated and configured to automatically apply new definitions. Antivirus companies regularly update their software to protected against the latest threats, make sure you are taking advantage.
- Close any non-essential ports on your firewall. Closing port 445 stopped the spread of wannacry. In general, it is a good idea to ensure that your firewall is configured to present as small an attack surface as possible.
- Ensure critical files and resources are backed up. This is different to simply syncing them to a cloud storage service. If you are not quick and suffer from an attack, the files on the storage service can be overwritten with damaged copies. Users of Windows 10 should look at using the File History feature to backup each version of a file as they are changed.
- Ensure backups work. It is crucial that backups are checked and periodically restored to ensure that there is a process in place for recovering data and that the backup has indeed worked.
- Ensure there is a SPAM filtering service configured on your email accounts. This reduces the likelihood of potentially dangerous emails finding their way into your inbox.
- Ensure important data does not only live on your PC. Copy it somewhere else too.
- Have more than one (ideally three) backups of your data. Make sure one of them is off-site.
- Make sure that an administrator account is not your normal login and be careful of when you elevate to administrator privileges.
- Turn off macros in productivity applications such as Word and Excel.
- Only install browser plugins that are required. Plug-ins in your browser for PDFs, Flash, Silverlight might not be essential.
- Use an ad-blocker to reduce exposure to potentially malicious ads.
- Finally, make sure all your users know never to open emails, download attachments or click on links in email from people they don't know.
None of these steps are particularly complicated, but are essential in helping keep your organisation safe from future attack.
This blog is from Incremental Group. Read their latest blogs here.