You might have seen in newspapers or perhaps trade magazines that ransomware is an increasing problem that threatens every company. For once the alarm is not hyped. It is something that only the foolish would ignore.
Part of the reason for the recent press coverage is that the ICO has recently published a blog and ebooklet on the matter, links at the bottom. These are probably in response to the significant increase in cyber attacks, all but 250% up against the NHS.
We depend on data in our files and email marketing lists. They are our lifeblood so you would do well to read the information to satisfy yourself that your procedures are satisfactory. There are simple and straightforward steps you can take to protect yourself immediately.
There are two major ways that the malware can enter your systems. The most popular amongst these is via attachments to emails. If you run a busy office where staff receive dozens of emails a day then you may become a target. There are ways to limit the risk though.
Educate your staff to ensure they are aware of the danger in opening an attachment. Have an ‘approved’ list of email addresses from which attachments are expected. Devise a checklist for those addresses not on the list. Have a dedicated person to whom concerned staff can turn to if they are not certain of provenance.
Such steps and procedures will reinforce in their minds how serious the matter is.
Ask those who regularly send attachments if they could paste them into the body of the email. Look upon it as a way of reassuring them that you take the security of their data seriously.
To limit the chances of access to your systems via the next most common way of installing malware, remote access, have regular, and frequent, checks on who has access and to what level. If access is not an essential requirement of their position, remove the facility. Consider making people reapply regularly for permissions.
Ransomware is of growing concern to businesses across the world. If you don’t want to be a statistic, keep your data secure.
ICO ebook: Guide to IT security – https://ico.org.uk/media/for-organisations/documents/1575/it_security_practical_guide.pdf