Tuesday, March 22, 2016

Ransomeware Tips for your Business


Please review this with your staff and especially anyone with access to financial accounts.

Office Files:

Ransomeware is now being hidden in Office macros. If you receive resumes with the .doc extension, please delete and ask for a PDF.

Same with your web site. If the site accepts word docs for resume's, place a warning on the site saying "We will only accept PFD's all other types of submmittals will be deleted.


Server:

Rename your VSSADMIN file. Types of ransomeware variants will use the VSSADMIN commands to delete all your previous versions. Renaming this file will not cause any issues with Volume Shadow Copy

Desktops:

Lock down to standard user. Turn on file extensions

Backups:

Off site - Mandatory for critical files and encrypt your off site backups
On Site: Make sure they are hidden and not available to anyone.
This will be your fastest form of recovery

Firewall:

Do you have a Sonicwall ? If not get one and get a one year subscription to TotalSecure. Enable TotalSecure, Block known countries if you have the BOT feature in the SonicWall.
Block TOR sites.

Email:

Block known countries in Exchange.
Have a review of safe email practices. Hover over links to see where they come from.
Not sure of any email? then Call them
Do not open any banking email. PERIOD.

Web Browsing:

Do not save your credentials for any banking site.
Do not trust your computer.

Need any assistance with the above, then feel free to call us for a consult. 732 528-4975


No comments: