9 Best Security Practices to Apply Now

iStock_000030358434_XXXLarge

Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees are essential components of every single security setup. Make sure you’re following these nine best practices:

1. Patch early, patch often

Malware that doesn’t come in via a document often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes there are to be exploited.

2. Backup regularly and keep a recent backup copy off-line and off-site

There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

3. Enable file extensions

The default Windows setting is to have file extensions disabled, meaning you have to rely on the file thumbnail to identify it. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.

4. Open JavaScript (.JS) files in Notepad

Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.

5. Don’t enable macros in document attachments received via email

Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!

6. Be cautious about unsolicited attachments

The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt leave it out.

7. Don’t give yourself more login power than you need

Don’t stay logged in as an administrator any longer than is strictly necessary and avoid browsing, opening documents or other regular work activities while you have administrator rights.

8. Stay up-to-date with new security features in your business applications

For example Office 2016 now includes a control called “Block macros from running in Office files from the internet”, which helps protect against external malicious content without stopping you using macros internally.

9. Patch early, patch often!

Staying on top of patches is so important that we've included it twice. Don't let ransomware exploit vulnerabilities that have patches available!

Protection technologies to help keep you secure against ransomware
To stop ransomware you need to have effective, advanced protection in place at every stage of an attack.

Securing your endpoints
Intercept X utilizes the unique CryptoGuard technology to stop ransomware attacks in their tracks. It works by detecting and stopping ransomware from encrypting your files, including the recent Wanna ransomware outbreak. Intercept X complements your existing security, blocking processes that attempt to make unauthorized modifications to your data.

Stopping email threats
The best defense against booby-trapped emails is your email gateway. Anti-spam technologies stop ransomware emails, while antivirus scans for and blocks email-borne threats. Blocking emails with macro attachments can help you avoid another common ransomware technique. Time-of-Click technology stops you and your users from clicking through to infected websites – even if they were clean when the email entered your inbox.

Stopping web threats
Web threats are neutralized at the firewall and web gateway. URL filtering blocks websites hosting ransomware, as well as their command and control servers. And by enforcing strict controls you can stop ransomware-related files from being downloaded at all. Cloud sandboxing at both the email and web gateway blocks zero-day advanced threats, including ransomware. It’s like having your own private malware lab that runs suspicious files to determine behavior.

Protecting your servers
Server whitelisting and lockdown keep your servers secure by whitelisting authorized applications and identifying what they can change and update – all other attempts to make changes are automatically blocked, stopping ransomware from taking action. Malicious traffic detection stops ransomware from contacting command & control servers and downloading its payload. Sophos Server Protection also includes CryptoGuard technology that stops ransomware from encrypting your files.

Security Heartbeat
Your security products are great individually, but even better when they work together. By enabling your endpoint and firewall to share security information and proactively respond to threats you get unparalleled protection against advanced threats.