8 Ways Employees Can Help Reduce the Risk of Ransomware


By Leo Lynch / Vice President of Sales, APAC, Arcserve

Businesses are at great risk for ransomware attacks because they often don’t have a sound cybersecurity posture. That’s why they need to educate their people about basic cybersecurity and cyber hygiene, according to the Australian Cyber Security Cooperative Research Centre.

So, it’s little wonder that the question, “How do I make sure my company never pays a ransom for our data?” is moving up on business owners’ agendas.

The first step in preventing a ransomware attack is properly educating your employees about ransomware and how it infects systems. The most iron-clad software and hardware is of no help if an employee is careless. Part of your strategy should include a plan for helping your users spot and avoid ransomware. Many businesses hold mandatory quarterly security seminars where admins help employees understand various types of cyberattacks. Your plan should cover everything from ransomware to phishing to the growing threats from social engineering scams.

The following are eight simple security practices for employees to ensure they do their part in keeping these increasingly common attacks at bay.

Use Email Filtering

This reduces the number of potentially malicious emails coming your way. Businesses should invest in enterprise-grade solutions. These will use techniques such as blacklisting, whitelisting, and user-based email analytics to balance spam and legitimate mail filtering.

Scan Attachments

If email is the vehicle that drives it, then the attachment is the cargo you open to unload the malware on your system unknowingly. Many enterprise spam filters have scanning functions that allow you to check your messages for potential threats. Whether they're built into your spam filter or anti-malware software, put those scanning capabilities to use before opening any email attachments.

Block Attachments

Blocking select attachments is one of the most effective ways to stop ransomware at the gate. The system may prevent users from opening .exe, .com, .bat, .js, .docx, and other file types commonly associated with malware. Because this method could also restrict access to legit files you need, it might be a good idea to designate a separate server, such as one in the cloud, for exclusively handling blocked file types.

Preach Safe Surfing

Like malware in general, ransomware distribution is not limited to email. This type of infection can be spread by visiting rogue websites, downloading free software, and even connecting infected USB drives to your system. A computer security training program that covers all the basics of responsible web browsing can make a world of difference when it comes to staying protected.

Promote Good Data Backup Habits

With so many employees working remotely, it’s harder for businesses to manage backups and store data on the corporate network. Encourage employees to be responsible and back up their data regularly. If an employee stores data on a local flash drive inserted into a laptop, that employee should back it up to the cloud or another hard drive. If employees store their data primarily in the cloud, they should be sure to have copies somewhere offline.

Encourage Stringent Cyber Hygiene

All employees, especially those working at home, need to be regularly reminded to update the software on their devices and enable all available security features, such as firewalls and anti-malware. Failing to install updated software and security patches is a well-known employee misstep that creates the gap for malware and ransomware to seize on.

Limit the Number of Files Employees Can Access

Employees should only be able to access data and folders based on the principle of “least privilege.” This is the concept of only giving employees enough access to perform their required jobs. Least privilege can prevent workers from accidentally deleting or corrupting files they should never have had access to in the first place. Enforcing least privilege can significantly reduce the risk caused by human error.

Test Your People and Systems

It is wise to consider regular testing once your network is in tip-top shape. This includes network vulnerability testing, testing backups, and testing employees—people are often the weak link in the security chain. That’s why some businesses formulate strategies for testing employees. That could include sending fake phishing emails or even hiring companies to conduct mock social engineering scams. Whatever the case, testing should be a regular part of your security strategy.

Talk to a Data Protection Expert

Arcserve has the broadest portfolio of data protection solutions available under one roof. To learn more, contact us.

You May Also Like