Ever heard of the saying, Prevention is better than a cure?
That is certainly the case with IT and protection of your laptop, mac or device.
Here at Black Nova Designs, we see an ever-growing threat to your IT, from hacking attempts to ransomware.
Are you as a business or general IT user doing enough to slow down the threat? Simple answer is, probably not.
Have you ever thought, ‘IT is too expensive’ and not worth the investment? Well, this is a myth! Often the cost of repair and recovering from a Cyber Attack vastly outweighs the initial expense to defend against them.
Some very easy but affective security measures are often free, and in this blog we will go through some very simple changes you can do in within your IT infrastructure to minimise the risk of a breach or malicious software destroying your IT systems, which in turn ‘could’ also be detrimental to your reputation if you are a business.
You can help yourself and your organisations by limiting the effect of ransomware attacks by assuming an attack is inevitable and planning for it in advance, making you prepared for a cyber threat if one were to occur.
‘It is not IF, it is about WHEN’
What to do
1) Make and test a backup plan, including storing data offsite where attackers can’t locate it. E.g. on a USB drive that is only inserted when a backup is done and then removed.
2) If you are buying cyber-insurance, make sure it covers ransomware.
3) Don’t forget to protect data in the cloud as well as central data, however do not sync this to your machine, as ransomware can spread to area like OneDrive/Dropbox if files are synced with the infected machine.
4) Use dedicated anti-ransomware protection. Many users that are hit with ransomware could have stopped the attack before the data could be encrypted. If they were using a good Anti-Virus and firewall, that includes ransomware protection, we recommend Eset and we are also an authorised Eset Partner. We do also recommend, if possible, buying a good quality dedicated firewall if you are running a business.
5) Lock down Remote Desktop Protocol (RDP). Criminal gangs exploit weak RDP credentials to launch targeted ransomware attacks. Turn off RDP if you don’t need it, including removing any port forwarding you are doing on your router and use rate limiting, two-factor authentication (2FA) or a virtual private network (VPN) if you do.
6) Pick strong passwords and use multi-factor authentication as often as possible. And do not re-use passwords, ever. Do not have the same password throughout the office, or for Paypal and your bank.
7) Patch early, patch often. Ransomware like WannaCry and NotPetya relied on unpatched vulnerabilities to spread around the globe.
8) Use a separate admin account, and what we mean by this is have a normal user account that you use daily and then when you need to install anything, elevate your privileges using the admin account credentials, this way if your account is breached, they cannot elevate their user privileges easily.
9) Limit admin permissions, we see it all the time when users want admin permissions, because its “easier”, when actually it creates a large security hole, because once an account has been compromised, they have full access to everything.
10) DO NOT store passwords in any browser e.g. Chrome/Edge, when it says “save password” always say no or never and do NOT save any passwords to a document on any device. If you need to remember passwords, we recommend using a password manager, we use and favour MyKi, however for home users or less techy companies LastPass is also a strong alternative, or if you prefer the simple writing down approach, we recommend you store a password book in a safe or lockable secure area.
11) Change default passwords, many times devices, e.g. routers, printers etc – all come with a generic password, we recommend changing these immediately as many device default passwords are easily accessible online from the manufacturer website.
12) ALWAYS PREPARE FOR THE WORST, and what we mean by this is to always go heavy on security where possible as it is better to be safe than sorry.
For example, you would not leave the house without locking the door and leaving all the windows open.
You could put CCTV, intruder alarms and Safe’s in the house but if you do not lock the door none of the security you think you have in place will help. Start at the bottom up, do not get complacent, protect yourself and your business today to prevent any future risks.
Hopefully, these steps/tips will help you and your business, just feel a little safer and hopefully less likely to become a victim of a cyber-attack.
If you have any questions or concerns or would like us to come carry out and audit on your systems, please get in touch.