The cybercriminals who spread ransomware garnered $1B in 2016 alone, and the reality is every business is at risk for an attack. With this in mind, business owners should have a solid plan in place to protect their most valuable asset – their data.
One of the most important aspects of protecting against ransomware is employee education, as employees are often the weakest link when it comes to data security, according to a recent survey of 618 IT professionals conducted by the Ponemon Institute. In fact, 58% of survey respondents say negligent employees put their company at risk for ransomware attacks. Further, only 29% are confident their employees can detect risky links or websites that could result in a ransomware infection.
Before you begin to educate employees, it’s important to know what actions are putting company data at risk. The most common risky behaviors of employees include:
Employers should conduct training programs on what employees should be doing, especially with regard to email habits, to protect data and ensure they’re armed in the fight against ransomware. US-CERT advises sharing the following precautions with employees to keep inboxes safe from spam, phishing and social engineering scams, and Trojan horses:
1. Create and use a spam filter
2. Don’t trust unsolicited email
3. Treat attachments with extreme caution
4. Don’t click links in email messages from people you don’t know
5. Buy and install antivirus software, and keep it updated
6. Install a firewall and keep it up to date
7. Configure your email client for security
Another tried and true strategy is having a full and accurate backup system in place, as 52% of the Ponemon survey respondents cited this as the top way to avoid paying ransom after an attack.