Cyber Security: How to Protect Yourself from Malware, Ransomware, Phishing etc

Advice on protection from Viruses, Malware, Ransomware and Phishing

More and more, ransomware has emerged as a major threat to individuals and businesses alike. Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber criminals.

In the past, many smaller businesses downplayed the possibility of security threats because they believed they were too small for hackers to target. However, most businesses have become more self-aware in recent years, realising that being under-protected, and under-funded, has made them attractive targets for cyber criminals.

Best practice is to employ multiple layers of protection. Nothing guarantees 100% security, and rarely will a single layer stop a threat in its tracks. Malware is multi-faceted and changes by the minute, but multiple strategies significantly increase your chances of staying safe.

See below for some essential layers of defence against current cyber security threats. Realistically, each aspect needs to be in place to avoid leaving an “open door” for attackers.

  • Education: Employee awareness of social engineering threats is increasingly critical. Staff training is required.
  • Data: Know where your data is
  • Patch management: Keep operating systems up to date with updates for both Windows and macOS
  • Vulnerabilities: Eliminate legacy or unsupported systems
  • Anti-spam: with aggregated (cloud) intelligence
  • Antivirus software: managed and up to date. We are key partners with Webroot, Bitdefender and Sophos
  • Anti-malware software, e.g. Malwarebytes
  • Firewall with advanced threat protection
  • Web filter with aggregated (cloud) intelligence: block access to malicious or hacked web sites
  • Access control: Limit access permissions on computers, files, and data (principle of least privilege)
  • Restrict the media that can be connected to computers, including USB sticks
  • Allow only authorised devices on your network
  • Applications and other software are managed and kept up to date
  • Backups with copies offsite that are unreachable by a hacker or threat
  • Password management: strong passwords, expiring <90 days
  • Disable unnecessary user accounts (staff leavers, vendors, etc.)

We are able to manage all of the above for our clients, but if you have any questions, or would like to review your IT security, don’t hesitate to get in touch.

 

Cyber Security Advice

Protecting your organization from ransomware
https://www.ncsc.gov.uk/guidance/protecting-your-organisation-ransomware

10 Steps to Cyber Security
https://www.ncsc.gov.uk/guidance/10-steps-cyber-security

How to recognize phishing email messages, links, or phone calls
https://www.microsoft.com/en-us/safety/online-privacy/phishing-symptoms.aspx

How does malware infect your PC
https://www.microsoft.com/en-us/security/portal/mmpc/help/infection.aspx

Ransomware
https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

Social Engineering (phishing, etc.)
https://www.datto.com/blog/what-is-social-engineering

We also have some useful informational downloads from our product partner Datto:

Datto_RansomwareGuide

Datto_Essential_Cybersecurity_Toolkit_3

Sign up to a Free Trial of Webroot Endpoint Security Products here

Credit: Some credit must be given to James at Ratcliff IT for help in the preparation of this article.