How Cloud Backup Helps Your Business

New threats to businesses’ precious employee and customer data emerge every day, so the only surefire way to protect your files from viruses, theft, and other unforeseeable disasters is to partner with a leading cloud backup provider. With a basic understanding of how cloud backups work, you can set up a plan that is economical and customized to the needs of your business.

How should you go about choosing a cloud backup provider? Let’s take a look:

Learn more about their storage capacity

Before partnering with a cloud backup provider, ask them where they store their data. Many providers use cloud servers over which they have little control, which could be hazardous as it makes it harder to monitor activity and respond to anomalies. To avoid this fate, choose a backup service that operates their own cloud-based servers.

Next, you will have to determine whether your business assets can be backed up, since some cloud storage providers do not have the capacity to save bigger files like videos or other multimedia files. By asking these questions, you can find a cloud backup service that fits your business needs, and more importantly, can take care of all your files.

Get details on their security

It will be important for the cloud backup provider to explain in no uncertain terms how they will store your files. They should be encrypted and stored on multiple servers because redundant storage ensures your data has multiple copies saved online and can be retrieved at will. Even if an uncontrollable disaster befalls your company or the backup provider’s system, you’ll still be safe.

Compare your budget and backup costs

Before considering any cloud backup provider, you need to know how much the service is worth to you. How much money would you lose if your server crashed and all the data it stored was irretrievable? Compare that amount with the cost of a provider’s service, which could be charged by storage tiers, per gigabyte, or on a flat-fee unlimited plan.

When asking about the price of cloud backups, make sure to clarify any service limitations or restrictions. For example, how quickly can your storage capacity be upgraded? Is it possible to run out of storage? These are not things you want to discover in the middle of hurricane season.

Clarify data recovery timelines

Although storage availability is important, how quickly backups can be created and restored is also an essential factor. Ask providers how often backups will be created (e.g., hourly, daily, weekly), and how long it will take to restore them (e.g., hours, days, etc.). If those timelines are too long, it may be time to look for a better provider.

The most important thing is to know your needs before meeting with a potential provider. Let them know your business needs, budget, and recovery timelines. Our solutions and pricing are flexible and customized to your needs so you’re not stuck in a cookie-cutter plan.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Today’s businesses are so reliant on data that most of them will cease to function without a steady flow of it. The case is especially true for small to medium enterprises, where most of the decision making is left to one or two individuals. Just like retail users, small business owners fail to realize the importance of a solid data backup & recovery system. The truth is that they’re playing a very dangerous game by thinking that new technologies will continue to make their lives more efficient, all on their own. It’s important to remember that in today’s world of data-dependency, a bad backup plan, or complete lack of, can mean the end of a business if that data is lost or stolen.
The real problem is that most small businesses either can’t afford to invest in a good backup strategy or are simply ignorant of the fact that it could happen to them and end their livelihood. Not to say that small business owners aren’t tech savvy, but the concept of backup and storage strategy has recently caught up with their otherwise modern work ethics. Another problem is that most businesses run by millennials prefer to stick to the early 2000s concept of batch backups, failing to realize the need to have a constantly updated repository of their sensitive business data.

Do Small Businesses Really Need Backups?
The need to have securely backup data has never been more critical to businesses, especially for smaller more vulnerable businesses. While users can always store data for free on a cloud, some argue that you’re better off manually backup your data in an external hard drive. But backup isn’t just hardware, and a business’s backup strategy will depend on the organization’s unique storage needs.
A disaster recovery plan can act as a guiding light in times of IT disasters, and should be your first priority. Here are few of the weaknesses one would find when thinking about what can go wrong:
Locally hosted data might be secure, but if the building burns to the ground?
Backup tapes are permanently on-site.
Computer access in smaller organizations isn’t usually regulated by an administrator, enabling employees to misuse or siphon data.

Backup 101
For business data, always ensure to:
-Make two full copies of the data, maintained on separate physical devices, whether it’s on a hard drive, USB stick, Blu-ray, or even a good old fashioned rewritable disk.
-Keep a third optional virtual copy, stored in a cloud or on a server, preferably in a different location as your office servers.
Having multiple copies of your data can greatly reduce the chances of total data loss, as well as offer a degree of business continuity. Optionally, you can keep this data updated by synchronizing all the devices that the data is stored on.

Best Data Storage Solutions
Rather than create a detailed backup & recovery strategy that would require you to invest in paid data services, a good choice would be to use convenient storage options that are practically suitable for small businesses. Here’s a look at some of the best backup storage options.

1. Direct Attached Storage (DAS)
Direct Attached Storage devices are those that are physically connected to a computer or server, typically via USB 2.0 and above, ports. This ensures that the data is nearby and within reach, with the occasional issue of having to perform batch backups. This won’t be a major issue if your data doesn’t have to be real-time, and if you have the time and patience to perform manual backups.

2. Network Attached Storage (NAS)
Network Attached Storage devices are those that are directly connected to a network. A NAS system will offer support functions that one would expect from a file server, with the added feature of accepting multiple storage drives. NAS devices usually come equipped with redundancies, like RAID capabilities; because NAS supports a range of protocols to allow users to directly access a PC. Some NAS models offer the capability to synchronize specific data with a suitable remote NAS system.

3. Disaster Protected Storage (DAS)
Disaster Protected Storage systems are specialized storage devices that can withstand disasters that typically erase or corrupt unprotected data. DAS systems can exist as DAS or NAS. Most of these devices are made out of durable military grade materials, and offer a range of protection features such as water-proofing, fire-proofing, etc.

4. Online Storage
The internet is a great place, even more so now that we can store data online. And while most people only think of the cloud when it comes to online storage, there are two distinct form of online storage; paid services like Amazon’s Simple Storage Service (S3), and online storage systems, like the cloud. There are a number of such services that have been created specifically for small businesses, like IBackup. The only downside of online storage is that online data recovery can take a long time, especially in a case of full-recovery, since the data is being recovered from a remote location.
If you prefer not to leave you sensitive data under the protection of 3rd party cloud vendors, you could even opt to build your own private cloud service. And although it might not have been practical for small businesses to invest in their own cloud, new innovations now allow them to get private cloud storage on a budget.
Published with consideration from DailyBlogTips. SOURCE

Nearly 60 percent of small businesses have been the victims of a cyberattack over the past year, but the vast majority didn’t realize that they had been attacked, according to Nationwide’s third annual survey, released Monday.

The insurance company tapped 1,069 businesses with fewer than 299 employees for the study. Initially, only 13 percent of the participating companies said they had been victims of a cyberattack. However, after they were shown a list of cyberattack types — ranging from phishing scams to trojan horses to ransomware — that figure shot up to 58 percent.

“Cyberattacks are one of the greatest threats to the modern company,” said Mark Berven, Nationwide’s president of property and casualty. “Business owners are telling us that cybercriminals aren’t just attacking large companies on Wall Street.”

The companies that are targeted often have fewer cyberdefense systems, less money to invest in threat protection, and less name recognition at risk from a breach.
The most common forms of attack, based on the survey, were computer viruses, cited by 36 percent of respondents. Next came phishing attacks, cited by 29 percent, and then trojan horses, cited by 13 percent.

Lack of preparedness was a significant problem for the companies surveyed. About 57 percent of the firms did not have dedicated employee or vendor monitoring for cyberattacks in place. About 76 percent did not have a plan for dealing with such attacks. Fifty-seven percent did not have a plan for protecting employee data, and 54 percent lacked a plan for protecting customer data.

Recovery from cyberattacks in many cases was slow and expensive. About 20 percent of cyberattack victims spent US$50,000 and took more than six months to recover, while 7 percent spent more than $100,000 and took more than a year to recover.

Money Matters
Cyberattackers typically steal credit card information from companies with customers who make purchases from them, noted Karen Johnston, a technical consultant with Nationwide. They also steal personally identifiable information — such as addresses, names and Social Security numbers — that hackers can use to apply for new credit cards or loans, she told the E-Commerce Times.

Small businesses need to make sure their systems have proper antivirus and firewall protections, and make sure their systems are password-protected and properly patched and updated with the latest versions of antivirus and operating system software, Johnston said.

Companies also need to have up-to-date backups of their critical systems and customer data, and consider having cloud backups of this information, she suggested.

Further, most small businesses fail to have proper cyber-risk insurance, Johnston noted — or they think they are covered by existing business policies when they are not.

Protections Lacking
With their limited resources, small businesses tend to be more vulnerable to cyberattacks than larger enterprises.

“Small businesses are one of the most at-risk sectors of the market, in part because their data is equally valuable to an attacker and simultaneously their protections are significantly [less] than what you would see in a mid-size or enterprise business,” explained Kevin O’Brien, CEO of GreatHorn.

Cyberthieves are likely to sell whatever data they find on the Dark Web, and the price per item likely will be the same, whether the firm that was breached was a Fortune 500 or a much smaller firm, he told the E-Commerce Times.

The majority of attacks still arrive via email, but there recently has been a rapid increase in attacks via mobile devices and social media, observed Ryan Kalember, senior vice president of cybersecurity strategy at Proofpoint.

Technology firms and companies with complex supply chains, like manufacturers, are targeted more frequently, with about 40 email fraud attempts per organization, he told the E-Commerce Times.

“Small businesses can be a really sweet spot for cybercriminals. They have more money to steal than a consumer and less security in place than a large business,” said Kevin Haley, director of security response at Symantec.

“They are also often dependent on third-party vendors for their technology,” he told the E-Commerce Times. “Meanwhile, cybercriminals can be very successful specializing in breaching one technology or solution and working their way through the small businesses that use it.”

The field of cyber security is overwhelming — even for seasoned IT professionals. But not for us. We spend our days researching and experimenting to craft the best security solutions on the market. If you’re interested in one of our cutting-edge cyber-security plans, call us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TECHNEWSWORLD.com SOURCE

Contrary to popular belief, Macs do get hacked. Although it doesn’t happen as frequently as it does on Windows PCs, Macs have been infected by worms, Trojan horses, and other forms of malware in the past decade. Recently, security researchers discovered a new spyware that has flown under the radar for several years.

Fruitfly spyware
The spyware, known as Fruitfly, was first discovered in January 2017, but Synack chief security expert, Patrick Wardle, discovered a more cunning variant last month.

Along with being able to track the victims’ names and locations, the spyware reportedly gives the hacker control over webcams, mice, microphones, keyboards, and notifies hackers any time the computer is in use. This enables hackers to take non-consensual photos, capture screenshots, track keystrokes, and record audio.

What’s surprising is this type of spyware is not built for financial gain or designed to steal government secrets. It’s used to spy on regular people. According to experts, the hacker developed the spyware for voyeuristic reasons. Collecting private data from users also suggests that hackers planned to set up more targeted social engineering scams.

So far, there have been only 400 confirmed Fruitfly infections, but considering how it has remained hidden for nearly decade, that number could be much larger.

While experts are still not sure who created the malware and how it is delivered, it’s best to follow security best practices like avoiding pop-up ads, banners and suspicious file attachments, using extreme caution when downloading free software, and update applications frequently.

Users should also install anti-malware software with spyware detection capabilities and perform full system scans as often as possible. New security patches have been released to detect and block Fruitfly variants, so you should keep your security software up to date at all times, too.

Surge in Mac Malware
Windows PCs are targeted more frequently, but a recent threat intelligence report by McAfee found that the Mac malware incidents have grown by 53% over the first quarter of 2017.

Hackers will likely uncover new vulnerabilities in the future, which means Mac users can no longer afford to think that their device doesn’t need strong security software and support from managed services providers.

If you’re worried about the security of your Mac, talk to us today. We offer comprehensive solutions that can defend against the new Fruitfly strain and a host of other cyberattacks.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

These days most people are familiar with what Cryptolocker and Ransomware are. Either your business has been affected, you have a friend who has a friend who’s has fallen victim or maybe heard about it on the nightly news. Ransomware is a particular type of malware advanced enough to limit users from accessing their information unless a ransom amount is paid.

Every day the number of professionals and small businesses being targeted by ransomware is increasing.

As we all know information and the ability to access it is the foundation of any business. The only way to protect this information is to execute an effective backup solution in your IT environment and make sure you’re ready for any possible threat.

In the event of a disaster your backup solution is only as good as its restoration capability. In situations where hardware fails or becomes infected, a little preparation can go a long way. A lot of businesses spend a lot of time and resources picking and investing in a backup solution but often times forget one vital step: regular testing of their backup’s restorability as part of their disaster recovery plan.

If there is a problem with a backup that hasn’t been tested, often you won’t know until it’s too late. A lot of ransomware will try to encrypt data on a network as well as that on removable drives. To make sure your business stays safe it’s important to make sure at least one copy of your backups are safe in your local environment.

Here GCInfotech we believe in an effective strategy called the “3-2-1” rule. This rule states that your business should have 3 copies of your data, stored in 2 different types of media with 1 backup kept off site. Also, ensuring all files in a backup are readable and making sure backups are intact physically all goes into testing your backups and making sure they’re able to be restored when you need them.

Ideally backups should be tested after any change is made. If a new backup is created, test it. If a new machine or server is added, test it. It can be time consuming and seemingly impossible for some organizations depending on the size of the backup. If you can’t check backups after every change, be sure you’re checking regularly.

Standard practice is to replicate a full restore at least quarterly. Logs may be checked to verify which items were included in your backup, as well as checking for errors and informational messages. By not testing applications and files you’re making the assumption that not only have you correctly selected everything that will be required to recover from a failure, and that everything backed up properly, but also that it will restore perfectly at the times when you need it most.

Privacy and security are major concerns for businesses developing a data protection strategy. Ensuring critical data is safely backed up, kept private, and readily available is essential to maintaining productivity and eliminating downtime caused by data-related interruptions or malfunctions. Implementing a data backup plan that meets your privacy and protection needs is a business priority.

Not sure where to start? Give GCInfotech a call to discuss the available solutions that would work best for your company. Together, we can make your business work smarter, faster and more efficiently.

Although ransomware has stolen the limelight recently, there’s another type of cyberattack targeting your bank account. Thanks to some horrifying ingenuity, being infected by OSX.Dok can result in victims directly handing their bank account information to hackers. Take a minute to find out how it works so you can avoid making a costly mistake.
OSX.Dok isn’t new, but it has been improved

Originally, this Mac-based malware looked very different. When OSX.Dok was first reported several months ago, it could infect only older versions of the Apple operating system. Besides being relegated to OS X, it didn’t do much more than simply spy on the internet history of its victims. More recently, however, OSX.Dok was updated to target the newer macOS and to steal banking information.
How does it work?

Like so many malware programs today, this particular threat is distributed via phishing emails. Because the end goal is to acquire private financial information, these emails pretend to have pressing information about taxes or bank statements stored in attachments that actually contain malicious software.

Once any of these attachments are opened, OSX.Dok secretly broadcasts information about the computer and its location to the malware’s authors. Based on that information, hackers can redirect victims that visit banking websites to copycat URLs tailored to their language and location. Almost everything on the copycat sites looks exactly the same, but when you submit your user ID and password, they go straight to hackers.

Worst of all, the latest version of this malware seems to be incredibly advanced. It actively changes the way it hides itself and even modifies system settings to keep the computer from checking for operating system and security updates.
What can I do?

Security experts are still working on a way to combat OSX.Dok, but believe that it will remain a problem for some time to come. For now there are a few things you can do:

Never open attachments from people you don’t know personally, and even then be wary of anything you weren’t expecting.

Pay attention to little details. For example, copyright dates at the bottom of fake banking sites only went to 2013.

Look closely at the lock to the left of URLs in your address bar. Fake websites may have security certificates with names slightly different from those of the sites they mimic.

The best way to stay ahead of threats like OSX.Dok is by partnering with a capable IT provider. That way you can be sure that you have all the latest software and hardware to keep you safe. Even if something managed to slip through, regular audits are sure to find infections sooner than an overburdened in-house team would. Call us today to find out how we can protect you!

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

MacOS has a reputation for being one of the most secure operating systems. But in 2016, its susceptibility to malware grew by an astounding 744% according to one security report. Recently, a new strain of malware was found to infiltrate Macs by bypassing all of its security features. Despite having one of the highest price points in the market, Macs’ reputation for being the safest computers remains untarnished, but will the new malware change that?

How the new malware attacks Macs

The new strain of malware targeted at Macs is called OSX/Dok, which was first discovered in April 2017. OSX/Dok infiltrates Macs through phishing attacks, whereby users receive a suspicious email with a zip file attachment. Like all phishing attacks, it contains a message that tricks the recipient into opening the attachment purportedly about tax returns.

Mayhem ensues once the malware is in the system, gains administrator privileges, takes over encrypted communications, changes network settings, and performs other system tweaks that put the users at its mercy.

What the malware does

The malware targets mostly European networks, but it’s expected to spread into other regions. Even more alarming is its ability to bypass Gatekeeper, a security feature in the MacOS designed to fend off malware. This is because its developers were able to obtain a valid Apple developer certificate, which makes the attachment appear totally legitimate. Although Apple has addressed the issue by revoking the developer’s certificate of the earliest versions of the malware, the attackers remain persistent and now use a new developer ID.

How to avoid the mayhem

The Mac-targeted OSX/Dok malware is easy to avoid if you keep your wits about you when receiving zip files from unknown senders — these files should be treated as high-risk and be reported to your IT team, quarantined, or junked. Whether you’re using a Mac or a Windows computer, clicking on suspicious ads can download and install apps from third-party sources that put your system at risk.

Mac users are not completely safe, and complacency with security could only result in compromised and irreparable systems, ruined reputation, and lost profits for businesses. For this particular malware, a simple act of vigilance may be all it takes to avoid having your Apple computer bitten by bugs. If you want to double the layer of protection for your business’s Mac computers, call us for robust security solutions.

Of course, if security training and cybersecurity solutions are not your company’s specialties, you can always rely on a trusted managed services provider like us to protect your business. We can update and secure your systems regularly, and make sure your staff are actively doing their part to reduce security risks.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Software developers and hackers are in a constant game of cat and mouse. When cybercriminals find new security bugs to exploit, tech companies have to quickly release a solution that secures those vulnerabilities. Just this month, Microsoft released a patch to eliminate a Word exploit designed to steal user information. If you’re an avid Microsoft Word user, here’s what you need to know about the bug.

The attack
On April 10, cybersecurity firm Proofpoint discovered scammers running email campaigns to trick people into clicking malware-ridden Word attachments. The fraudulent emails, simply titled “Scan Data,” included attached documents that were named “Scan,” followed by randomized digits.

Although the emails seem harmless, clicking on the documents triggers a download for Dridex malware, a Trojan virus designed to give hackers direct access to your banking information. From there, they can simply log in to your online account and make unauthorized transactions under your name.

In 2015, the distribution of Dridex allowed cybercriminals to steal approximately $25 million from European accounts. And if your business fell victim to this malware, there’s a possibility your company might not be able to recover from the loss.

The solution
Fortunately, two days after the discovery of the bug, Microsoft released a security update to disable the dangerous documents, urging users to install the patch as soon as possible. But even though Dridex was inoculated relatively quickly, employees continue to be the biggest problem.

Like most malware attacks, Dridex was distributed via phishing campaigns that preyed on a victim’s trust and curiosity. Hackers added barely any text to the email, yet people were still fooled into clicking on dangerous links.

To make sure Dridex never reaches your company, you must provide comprehensive security awareness training. In your sessions, encourage employees to practice safe computing habits, which include being cautious of online links, setting strong passwords, and avoiding downloads from untrusted and unknown sources.

Much like updating your software, keeping your staff’s security knowledge up to date on the latest threats is also imperative. Ultimately, your goal is to have employees with a security-focused mindset when browsing the web.

Of course, if security training and cybersecurity solutions are not your company’s specialties, you can always rely on a trusted managed services provider like us to protect your business. We can update and secure your systems regularly, and make sure your staff are actively doing their part to reduce security risks.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Most phishing attacks involve hiding malicious hyperlinks hidden behind enticing ad images or false-front URLs. Whatever the strategy is, phishing almost always relies on users clicking a link before checking where it really leads. But even the most cautious users may get caught up in the most recent scam. Take a look at our advice for how to avoid the newest trend in phishing.

What are homographs?

There are a lot of ways to disguise a hyperlink, but one strategy has survived for decades — and it’s enjoying a spike in popularity. Referred to as “homographs” by cybersecurity professionals, this phishing strategy revolves around how browsers interpret URLs written in other languages.

Take Russian for example, even though several Cyrillic letters look identical to English characters, computers see them as totally different. Browsers use basic translation tools to account for this so users can type in non-English URLs and arrive at legitimate websites. In practice, that means anyone can enter a 10-letter Cyrillic web address into their browser and the translation tools will convert that address into a series of English letters and numbers.

How does this lead to phishing attacks?

Malicious homographs utilize letters that look identical to their English counterparts to trick users into clicking on them. It’s an old trick, and most browsers have built-in fail-safes to prevent the issue. However, a security professional recently proved that the fail-safes in Chrome, Firefox, Opera and a few other less popular browsers can be easily tricked.

Without protection from your browser, there’s basically no way to know that you’re clicking on a Cyrillic URL. It looks like English, and no matter how skeptical you are, there’s no way to “ask” your browser what language it is. So you may think you’re clicking on apple.com, but you’re actually clicking on the Russian spelling of apple.com — which gets redirected to xn—80ak6aa92e.com. If that translated URL contains malware, you’re in trouble the second you click the link.

The solution

Avoiding any kind of cybersecurity attack begins with awareness, and when it comes to phishing, that means treating every link you want to click with skepticism. If you receive an email from someone you don’t know, or a suspicious message from someone you do, always check where it leads. Sometimes that’s as simple as hovering your mouse over hyperlink text to see what the address is, but when it comes to homographs that’s not enough.

In the case of homographs, the solution is unbelievably simple: Manually type in the web address. If you get an email from someone you haven’t heard from in 20 years that says “Have you checked out youtube.com??”, until your browser announces a fix, typing that URL into your browser’s address bar is the only way to be totally sure you’re safe.

For most, this trend feels like yet another development that justifies giving up on cybersecurity altogether. But for small- and medium-sized businesses that have outsourced their technology support and management to a competent and trustworthy IT provider, it’s just another reason to be thankful they decided against going it alone. If you’re ready to make the same decision, call us today.

Well… What is Ransomware?

Ransomware is a type of malicious software that encrypts files on your computer so that cyber criminals can hold those files on your computer for ransom. Essentially, demanding payment from you within a certain timeframe to get them decrypted. In some cases, the encrypted files can essentially be considered damaged beyond repair.

There are plenty of ways ransomware can get onto a person’s computer, but as always, those tactics all generally come down to certain social engineering techniques or using software vulnerabilities to silently install itself on a victim’s computer.

Unfortunately, the threat of ransomware is very real, and is becoming an increasingly popular way in 2017 for malware authors to extort money from businesses and consumers alike. We’ll give you some great advice to have you properly prepare your computer, servers, and networks. Here are a few tips that will help you keep your data protected and prevent ransomware from hijacking your files this year and years to come:

1. First & Foremost, Back Up Your Files Regularly…

…and keep a recent backup off-site. If you don’t already have backups of your data, this is the most critical action step that will help you defeat ransomware. Be certain that you have a regularly updated backup and have tested that you are able to restore those files. Ideally, you’ll have the backup located on multiple drives.

2. Do NOT Download Email Attachments or Enable Macros

You may already received these types of emails … claiming to be an invoice or some purchase order of some sort. Be extremely careful about opening email attachments from anyone outside of your organization. Simply deleted any malicious emails without opening them. Also, consider installing Microsoft Office viewers that allow read-only access and don’t enable macros.

3. Don’t Have More Access Privileges Than You Need

Simply, the minimum effective dose here… if you don’t need administrator rights for your day-to-day tasks, then create a separate account with limited access. When you do login as an admin, don’t stay logged in any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator… that’s what your limited access account is now for.

4. Update, Patch, Uninstall

Malware that doesn’t try to install itself by a Microsoft Office file macro will often rely on outdated software and applications that have bugs in them. Be sure to apply the latest security patches available, which will limit the attacker’s options for infecting your computer with ransomware.

5. Train Your Employees in Your Business in Good Practices

Strong passwords. Not sharing user logins. Logging out at the end of the day. Train your employees who have access to computers and their systems to have good practices. They can be the weakest link in the company’s computer systems if you don’t have a training program in place that will teach them how to avoid spam email attachments, unsolicited documents, and malicious software.

6. Segment the Company Network

If you have clients or customers that need access to the internet while visiting the company, be sure to have a separate access point that only allows use of the internet and prevents access to the company network.

7. Show Hidden File-Extensions

By default, known file extensions like .EXE are hidden and that’s one way that ransomware frequently disguises itself is by having the extension “.PDF.EXE”, counting on Window’s default behavior of hiding known file-extensions so that it will seem like it’s just a PDF. We suggest that you re-enable the ability to see the show file-extensions so it will be more obvious to detect suspicious files.

8. (Did We Say 7? Here’s An Extra!) Disable RDP

One way the Cryptolocker/Filecoder malware often accesses victim’s machines is by using Remote Desktop Protocol (RDP). This is a Windows utility that allows others to access your desktop remotely. Such as those who fake that they’re an IT support person and will help you speed up your computer. If you do not require the use of RDP, you should disable it to protect your computer from malware that exploits this.

Ransomware can certainly be frightening, but there are many steps to take that can help you be prepared in any situation that would put your data at risk. That is why it has always, and will always be, the single most important best practice to protect your company against data loss with regular scheduled backups. That way, no matter what happens, you will be able to restore your data quickly. I can only hope that if anything positive can be taken away from the increased threat of ransomware, it is a clear indication of the importance of regularly scheduled, frequent backups to protect your valuable data.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from NovaStor SOURCE