By now, everyone knows not to click suspect emails or use passwords like ‘12345’, right? Actually, ‘12345’ is still the most commonly used password, followed directly by ‘password’. On a large scale, malware prevention efforts seem to be lacking despite the risks. Training is only one part of malware prevention, albeit an important one.
Prevent Instead of Fix
There are various ways to remove malware if you already have it. With certain particularly malicious infections, though, the damage done may not be recoverable.
For example, let’s look at ransomware. In a normal case of ransomware, a user’s files are encrypted and inaccessible until the user pays a ransom. When the ransom is paid, the user is supposed to receive a key to decrypt the files.
Certain sloppy strains of ransomware delete all of your files, and still ask for a ransom with no hope of recovering your data. Who knew that criminals would have such poor ethics? In cases like this, a little prevention can go a long way.
Here are some simple ways to prevent malware:
Update and Patch
We covered this topic in Patch Automation, but it should be noted that making sure your systems are up-to-date is an important step in avoiding malware. After all, the majority of targeted attacks can be avoided just by updating your systems. Everything from your browser to your OS should be updated as regularly as possible to fix known vulnerabilities.
Better Password Management
Why do people pick those poor passwords mentioned earlier, like ‘12345’ and ‘password’? They’re easy to remember. It’s also why people sometimes still write passwords down, which is not safe at all. Instead, why not use a secure password manager to encrypt and save your passwords? If you don’t know where to start, check out this list of some good, free password managers.
Firewall and Antivirus
Your firewall and antivirus software play one of the biggest roles in protecting your business from malware. The firewall prevents malicious traffic from entering your network. Antivirus software detects harmful software that has made it past the firewall and is already on a network device. Using a non-enterprise grade firewall or insufficient antivirus at your company can leave you at risk.
Read Email Carefully
This is just a matter of sound judgement. Check the language used in email you receive from unknown senders. Does it sound natural, or awkward and artificial? If there are links, be sure to hover over them before clicking to make sure they are legitimate. If you receive email from the government or your bank, consider whether they would ever actually contact you in this way. Lastly, when in doubt, pick up the phone and call the supposed sender – never provide personal information via email.
Layered Security Approach
One of the most important takeaways from this is that no single effort is enough to protect your organization. Train your team on best practices, while making sure that your network is secure enough to hold up when they make mistakes.
If you aren’t sure about the security of your network, you aren’t alone. Only 30% of companies believe they are effective at preventing cyber-attacks. If you need help securing your systems, give us a call. Sierra Experts can help with everything from penetration testing to properly configuring your firewall. Security is always top priority at Sierra.
Sierra Experts is an IT Managed Service and Support provider, specializing in remote monitoring and remote management of computing systems, cloud/virtual systems hosting, VoIP/SIP PBX trunks and solutions, physical server hosting, software development and hardware and software reselling. For more, check out www.SierraExperts.com