5 Ransomware Safeguards Every Small Business Should Have

No business—regardless of size or type—is immune to a ransomware cyberattack. Here are five IT-related safeguards every small business should have in place

Jim Stern August 22, 2017

We see it in the news seemingly every other week: a ransomware attack has crippled a major corporation. Yet although these attacks have become commonplace, many small business owners are behind when it comes to safeguarding against them. Some may mistakenly believe they are protected, while others think their organization is too small to be a target. This is dangerous thinking, as any business can fall victim to these insidious and often devastating attacks.

Here are five ransomware safeguards every small business should have:

Anti-malware software
This is the most basic level of protection available to protect against ransomware and other cyber threats. The latest generation of malware protection software is very effective at stopping most ransomware from running on your PC.
Keep your systems patched
But even if you have the latest and greatest software, it could fall short if you are updating your operating system with the latest security patches.

Microsoft releases security patches for it latest operating systems.  These patches are designed to close security holes in Microsoft products—it’s important to install these on all of your PCs. Windows 10 is designed to automatically install these patches, but older operating systems may require you to proactively download and install the updates. Unfortunately, many people don’t bother to take this critical measure. If you are still running an older operating system on your PC, it’s time to upgrade to a Windows 10 machine.

Automated backups of key systems
Reliable, frequent backups of key systems are a must for any business.

System backups are akin to taking a snapshot of your data. Done right, you will end up with multiple backup iterations, each taken at a different point of time. Some of these backup copies can be stored onsite, but you should make sure that some are kept off site.  Regardless of where the backups are stored, they should be isolated from your main network of PCs. These isolated backup copies can’t be affected by malware that hits the primary system. If this were to happen, you simply walk back in time to the iteration that isn’t affected, and restore from there. It’s not a perfect solution, but it’s better than losing everything.

Email filtering services
Most malware that hits small businesses infiltrates via email. These dangerous emails are either broadcast to a large group (spam), a small group (phishing) or an individual (spear-phishing). Spear-phishing emails can be particularly deceiving, as they often purport to be from someone you know or recognize. Your best defense against email-borne malware is to subscribe to an email filtering service.  An email filtering service will scan every incoming email, blocking anything that appears to be unsafe. Even if you use a filtering service, you should always be suspicious and skeptical when browsing your messages.
Training for end users
You can have the best anti-malware software, system backups, and email filtering services in the world, but if your people aren’t well versed in how these safeguards work, their capabilities could be limited. Don’t forgo the necessary training—whether it’s for installing software updates or recognizing email threats. The investment is always worth it.

Don’t put off protecting your business

As an IT advisor, I have been discussing cyber security with my clients more frequently than ever. It’s important to know what threats—and solutions—are out there, as well as what could be around the corner. Having these five basic protections in place is a great start, but there are other safeguards that exist as well. If you have questions about this ever-evolving topic, please don’t hesitate to contact me.