
Practical Guidance on How to Protect Your Small Business from Ransomware Attacks

By Trey Fischer
Aug 14, 2017

With the rise of ransomware attacks over the last several years, small businesses now have more to worry about than ever when it comes to protecting data. Fortunately, implementing a few simple measures can help you protect your business. Here is some general guidance on defensive measures you can take to protect your small business and your data.

Firewall. Make sure you have a good perimeter firewall. I would recommend using a Unified Threat Management Firewall (UTM). UTM firewalls have many features that enable you to block viruses, attacks, and scans, and even to prevent confidential data from leaving your network. Hardware vendors are now bundling all of these defensive technologies into appliances in order to help protect networks from intrusions.

Patching. Make sure that your hardware, software and operating systems are patched and maintained. A firewall will not do its job if it is vulnerable to an exploit that allows hackers to take control of your network. Also make sure that virus signatures and firewall signatures are updated. Most of today’s UTM appliances automatically update without much intervention.

Segment network. Be specific about what you allow into and out of your network, and segment your network traffic if applicable. For example, if you want to be able to browse the internet from a PC or Mac, you would want that machine segmented from the network on which you perform credit card transactions. You would also want to allow only the specific ports that are needed. For example, in order to browse a website, you would typically only allow ports 80 and 443 outbound.

Disable services and features that are not needed on all of your devices (PC, Mac, firewalls, etc.), especially if you are bound by compliance regulations like PCI, HIPAA, etc.

Endpoint protection. Use host-based endpoint protection software to add another layer of protection to your system if applicable. For example, if you are using a Windows PC for your terminal or point of sale system, you would have to make sure to run software that protects the PC.

Guest Wi-Fi. If your business provides Wi-Fi to customers, segment that traffic from your credit card terminals by using a virtual LAN (VLAN), or put it on a completely separate network.
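
The segmentation and guest Wi-Fi rules above can be checked mechanically. The following is an added example, not from the original article: a small Python model of a first-match firewall ruleset that tests a flat "allow all" policy and a segmented one against the traffic the article says should and should not pass. The subnets, the payment processor address and the rule format are constructed for illustration.

```python
import ipaddress

# Constructed address plan (assumption, not from the article).
OFFICE = "10.0.10.0/24"   # PCs/Macs used for web browsing
POS    = "10.0.20.0/24"   # credit card terminals
GUEST  = "10.0.30.0/24"   # customer Wi-Fi VLAN
ANY    = "0.0.0.0/0"

# Rules are (action, source, destination, ports); ports=None means any port.
# Evaluated top-down, first match wins, implicit deny at the end.
# DNS and other supporting services are left out; the article names only 80/443.
WEAK = [("allow", ANY, ANY, None)]               # flat network, everything passes
HARDENED = [
    ("deny",  GUEST,  "10.0.0.0/8", None),       # guests never reach internal segments
    ("deny",  OFFICE, POS, None),                # browsing PCs cannot reach terminals
    ("allow", OFFICE, ANY, {80, 443}),           # web browsing only
    ("allow", GUEST,  ANY, {80, 443}),
    ("allow", POS, "203.0.113.10/32", {443}),    # constructed processor address
]

# Probes: (description, src, dst, port, outcome the policy requires).
POLICY = [
    ("guest Wi-Fi -> card terminal",   "10.0.30.5", "10.0.20.7",     443, "deny"),
    ("office PC -> card terminal",     "10.0.10.5", "10.0.20.7",     443, "deny"),
    ("office PC -> web (HTTPS)",       "10.0.10.5", "198.51.100.20", 443, "allow"),
    ("office PC -> non-web port",      "10.0.10.5", "198.51.100.20", 445, "deny"),
    ("card terminal -> processor",     "10.0.20.7", "203.0.113.10",  443, "allow"),
    ("card terminal -> arbitrary web", "10.0.20.7", "198.51.100.20", 443, "deny"),
]

def decide(rules, src, dst, port):
    """Return the action of the first rule matching this connection."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, ports in rules:
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and (ports is None or port in ports)):
            return action
    return "deny"

def audit(rules):
    """Return descriptions of probes whose outcome differs from policy."""
    return [desc for desc, src, dst, port, want in POLICY
            if decide(rules, src, dst, port) != want]

if __name__ == "__main__":
    for name, rules in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, "violations:", audit(rules) or "none")
```

Rule order matters in a first-match firewall: if the office web-browsing allow rule is placed above the office-to-terminal deny rule, browsing PCs can reach the card terminals on ports 80 and 443.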

Backup. Have a complete backup of your data stored off site from your location and regularly verify that you are able to restore from it.

In summary,

Ransomware attacks are a real threat to many small businesses, making your data vulnerable. But taking a few steps to help protect your business today will help ensure that you don’t end up in a crisis tomorrow.