In February of 2016, President Barack Obama passed a Cybersecurity National Action Plan. The plan implemented near-term actions and developed a long-term strategy to enhance cybersecurity awareness and protections, protect privacy, and maintain public safety. Taking action against cybersecurity now will assist with ensuring economic and national security, as well as empowering Americans to take better control of their digital security.
For a small business, it’s even more important to avoid becoming a cybercrime victim. Data loss, downtime, fines/restitution, and lost time and resources are just a few things that you might be forced to endure as a result of falling prey to a hacker. Here’s a list of actions that the FBI recommend you take to help protect your company from being a victim of ransomware.
- Raise Awareness: Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s network and data.
- Updates and Patches: Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Auto Update Security Software: Ensure anti-virus and anti-malware solutions are set to automatically update and conduct regular scans.
- Limit Super Users: Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Access Control: Configure access controls, including file, directory, and network share permissions appropriately. If users only need read-specific information, they don’t need write-access to those files or directories.
- Filters and Application Control: Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
- Data Backup & Disaster Recovery Plan: Backup data regularly and verify the integrity of those backups regularly.
- Multiple Storages: Make sure backups are not stored or connected to the computers and networks they are backing up.
Given the extreme measures that governments have taken to prevent cybercrime, it’s a safe bet that businesses of every size should follow suit. Would you like to keep on top of all the latest news and information from the FBI’s cyber security division? Visit: https://www.fbi.gov/investigate/cyber/news.