During the last two weeks there have been numerous stories published about the ransomware WannaCry. It got me thinking that I have heard a lot about ransomware over the last few years.
What is ransomware?
In very lay terms, it’s a virus or malicious software that typically encrypts all files on your hard drive(s) and either denies access to those files or threatens to publish them on the internet. The creator of the ransomware will want a ransom paid to thwart the effects.
What Should I do?
I am no cyber security expert, but after much research there are numerous steps you can take to help mitigate the potential dangers of ransomware.
- Train your staff on security principles
  - Institute basic security practices and policies for employees, such as strong passwords, internet use guidelines, and how to protect customer information.
- Protect Computers and Networks from Cyber Attacks
  - Install the latest anti-virus/anti-malware programs. Keep definitions up to date.
  - Apply the latest software updates/patches etc.
  - Consider blocking certain types of files and downloads, both at the server level and perhaps at the router level.
- Remind Users to avoid opening unsolicited attachments
  - Quite often the old email attachment is the door to your network. Users should be reminded not to open unsolicited attachments. If it is unsolicited, ask for help.
- Turn on firewalls
  - A firewall typically blocks certain types of connections incoming to or outgoing from your network and/or computers. It helps prevent outside sources from accessing your data.
- Have a backup strategy. Consider different levels of backup, multiple sources, and how long to keep backups.
- Deal With Mobile Devices
  - Require users to password protect their devices
  - Install security apps
  - Don’t allow them to use public Wi-Fi to access the company network or data
  - Encrypt data
- Secure Your Own Wi-Fi Network
  - Data should be encrypted
  - The network should be secured
  - The network should be hidden
  - If you have a guest Wi-Fi: change passwords regularly, turn it off after hours, and isolate it from your internal network
- Limit access to Computers and Networks
  - Every user should have a user account with a strong password
  - Lock down laptops
  - Only give Administrative Privileges to Key Personnel
- Don’t save Credit/Debit Card info
  - Credit card data should not be saved. If it is, then it needs to be maintained very securely. Treat it like Fort Knox.
- Limit Employee access to data and authority to install
  - Ask yourself what data employees need to access and only grant access to that information
  - Employees typically mean well and want to make their workplace PC feel comfortable, but it is important that only needed software is installed on a computer or network. So limit the authority for users to install software.
- Get Cyber Insurance
  - WannaCry has drawn major attention around the world. Ransomware is a real thing. A well-crafted cyber insurance policy could have helped deal with infections. Should a ransom be paid? Or should an expert be paid to unlock your system? What would have happened if the data that was attacked got out into the public? Talk to your broker about Cyber Insurance.
The Sales Pitch
It is likely that ransomware or its next iteration is going to continue to cause difficulty for the world, especially the business world. As much as we try to lock down our computer networks and PCs, they have to access the world. We are a connected world. So it is time to consider cyber insurance.
At Crosbie Job Insurance we have been in business since the 1850s. We have been the trusted insurance advisor for Newfoundland and Labrador. Take the time to give our Commercial Insurance Experts the opportunity to review your insurance policy. Identify any holes/gaps in coverage. Take the time to discuss cyber insurance.
At Crosbie Job Insurance you Can Sleep Easy …. We’ve Got you Covered!