Blog

Information to help your business benefit from telecommunications

Malware is everywhere.

Ransomware and malware

In last month’s blog we talked around the subject of backing up, that is the computer and data variety rather than the automotive sort, and came to the conclusion that a Cloud back up is probably as secure a way to keep your data off-site and safe as any.

This month we’re going to develop the conversation and think about malicious software, or malware as it’s better known. Who, for example, has heard of ‘WannaCry’? You haven’t? You’re fortunate! WannaCry is malware. More than that, it’s malware aimed specifically at small businesses and home users. We mention it in the hope of dispelling any thoughts you may have that malware, and ransomware in particular, is only aimed at big business. It isn’t. And if you’re wondering what ransomware is, it’s a form of malware that takes control of your computer and makes it completely inoperable until you pay to have it ‘released’.

So, what can you do to protect yourself? Well, if we’re talking desk and laptops, you just need to install good anti-virus software. The same isn’t so true for tablets and smartphones, but if you configure these devices in accordance with the National Cyber Security Centre’s advice, you may not need to install specific anti-virus apps. You’ll find their guidance at https://www.ncsc.gov.uk/collection/device-security-guidance

It may be obvious, but never download Apps to your tablet or ‘phone if you’re not completely sure of their origin. You wouldn’t buy a car from a rogue trader would you, at least we hope not, and the same holds true for Apps, only download them from a trusted source. If you’re running a business that uses ‘smartphones and/or tablets this is especially true because malware downloaded to one device will invariably be designed to spread across systems and so an apparently simple mistake could prove to have far reaching consequences. Downloading from the Apple Store or Google Play is a relatively safe bet. Anywhere else isn’t. Another thing, and we touched on this last time, limit staff accounts to a need-to-know level of access, and be careful about whom you give administrative accounts. We’d suggest, so blame us, that administrative access be limited to specific tasks and no more.

Another thing. Always keep all your devices up to date, both in terms of software and firmware. This isn’t us working on behalf of the computer manufacturers, but it is us recognising that the cyber-war is ongoing and that manufacturers and software folk are at the forefront of the battle. If you have an ‘automatic update’ function on your device we suggest you leave it set to ‘on’. The problem, of course, comes when a device is old and can no longer update. What to do? You know the answer…buy a new one!

Here's one you may not immediately think of: Do not use, and don’t allow your staff to use, USB drives or memory cards to transfer files unless you are absolutely sure of their provenance. Encourage everyone to use email or Cloud storage, it’s so much safer.

Lastly, and if you can, create a Firewall between your organisation’s network and the outside world. Broadband routers and most operating systems now include a firewall…so use them!

comments powered by Disqus