Secure organizational front lines, ensure comprehensive cloud-based backups and understand how to remove your computer from the network.
First, we must secure the front lines of the organization. Ransomware usually comes through via legitimate-looking emails, and those go to your employees. Thus, we must educate your employees on what to look for in an email before clicking on an attachment, clicking a link, filling out a form, etc. This is most successfully done in a space called Cybersecurity Education. Many companies in America today are solely focused on educating employees of large and small companies on how to spot suspicious emails and report them to their IT teams. These companies also “test phish” employees to make sure that they remember what they learned during the education portion of the cyber education modules.
Secondly, we have to make sure our backups are comprehensive and cloud-based. Does this mean that all PCs need to be backed up? Perhaps. If your network administrators are using DFS or folder redirection to backup your local files on the file server, people will not have to have their individual computers backed up. But that requires that computers be on the domain (local network) from time to time. In today’s environment of working from home, it is more difficult to secure data that is offsite. Therefore, if you need to keep data secure and are working remotely, remember to back up your sensitive data to your company’s cloud-based file share. That information, in turn, should be backed up to another cloud-based file share that is separate and secure from the first one. This is very important: Ransomware actors know that the way to combat ransomware is to have “clean” backups for everything, so now they are working to encrypt backups, too. You (personally) do not have to worry about backups. That is for your IT folks to handle. But you are responsible for important files that you are working on daily. You do not want your computer to be a single point of failure. Because of that, make sure to save your most sensitive files to a company-approved cloud-based storage area. Ask IT if you have any questions.
If you do get ransomware on your computer for any reason, remove your computer from the network immediately. You do not want your computer to be the reason your company gets sabotaged as a whole. This means you need to remove the network cable from the back of your computer, or you need to remove your computer from your work or home wireless network. This is VERY IMPORTANT. If you don’t do this quickly, the hackers could also attack the network you own, including any IoT devices you have at home, like your automatic door locks, your virtual cameras, your home theatre, your virtual thermostat, your security system, etc. It can happen quickly, so be aware of what is happening and act accordingly.