Jim Cali
CPA
As the world experiences an increase explosion of new and invasive ransomware attacks that target businesses of all sizes it is important to implement measures to protect your data infrastructure and systems.
Companies need to utilize a combination of security tools and best practices to prevent devastating incidents in the future. Here are some tips on how to recover from a ransomware attack and prevent future attacks.
Maintain Good Backups – After a ransomware attack, a good data backup can mean the difference between a complete loss and a complete recovery. Create a routine for backing up all business data and regularly test backups to ensure they are working. It is strongly recommended to keep one copy of your data with a different backup format and one backup stored offsite.
Keep Servers Updated and Patched – Updating servers as soon as security patches are released can mean the difference between a minor inconvenience and a full-fledged ransomware attack.
Implement Strong Password and Multi-Factor Authentication (MFA) – Companies are strongly recommended to adopt strong password guidelines. Additionally, a combination of multi-factor authentication (MFA) and strong passwords can help reduce threat actors’ success in stealing user credentials.
Disable Remote Desktop Protocol (RDP) – One of the most common ways for ransomware groups to infiltrate companies’ networks is through remote access points, especially RDP. Many companies have turned to RDP to support remote and hybrid work models, but if not properly configured and secured, they can also serve as an easy entry point for threat actors.
It is further recommended that companies implement a virtual private network (VPN) to provide secure remote access.
Even for companies with good backups and a comprehensive cyber insurance policy, recovering from a ransomware attack can be a lengthy and difficult process.
