Often, preventing ransomware attacks is painted as a large-scale business decision that involves IT working with a managed service provider (MSP) to implement new services and technologies, but this is only half the story. Every day, employees working at a small business make decisions that heavily influence that business’ ability to defend against ransomware attacks. To help everyday workers know that their everyday decisions matter, we want to go over a few good habits that anyone can do to improve their security posture both at work and at home!
Take Phishing Seriously
Phishing still remains one of the most frequent attack vectors for malicious actors because it is effective and allows access to large parts of a company’s network. Everyday you go through your email inbox is an opportunity to remain vigilant and watchful for phishing campaigns that are simple or complex. Often, not clicking on a link inside an email or contacting your coworker through another communication channel to confirm an email can mean the difference between protecting information or preventing ransomware attacks. Even if you feel confident in your ability to catch phishing attacks, reading articles on the latest phishing campaigns can further increase your knowledge and security posture!
Regularly Updating Devices and Apps
Updating every device you own and app you use can sometimes become a chore or interrupt workflows, but it is one of the most effective ways everyday employees can prevent ransomware attacks. Sometimes, one out of date device on a company’s network can be the attack vector a malicious actor needs, so it is crucial that everyone sets aside time to see which devices and applications need updating and ensures they get completely patched. Also, make sure to update apps that are used infrequently as well because that infrequent use can lead to inconsistent patching, which hackers can use to their advantage.
Disabling Macros to Prevent Ransomware Attacks
Many ransomware attacks rely on executing macros inside of Office 365, and this means that anyone with Word, Excel, or other products in that suite is vulnerable to the exploitation of those macros. This is why it can be a good idea to disable the use of macros inside of Microsoft Office in order to prevent some ransomware attacks from getting started. This can work as a last line of defense in the event that other best practices and security tools haven’t worked, and employees should treat it as such. If you need macros to do work in some applications, then it can still be helpful to turn them off in the services you do not use them in.
Summary
Of course there are many other best practices and habits that everyday employees can use to keep their company’s cybersecurity infrastructure safe, but just following these few tips can make a world of difference. Employers also have a responsibility to get their employees the best cybersecurity training and news to stay one step ahead of the bad actors, and we here at Robinett Consulting want to help. As an MSP, we believe our partners deserve the best security tools available coupled with the latest information they need to know about the threats they face in their field. This way, our partners can stand strong on their own, and we can help them on their cybersecurity journey!
