Just read a Veeam blog post about how to protect your organization from ransomware attacks. Because we cannot talk enough about ransomware-protection, I want to give a small summary of the blog post here. Consider it as an invitation to read the original post carefully!
https://www.veeam.com/blog/how-to-protect-your-organization-from-ransomware-attacks.html
- Attack Vectors – often started at endpoints
- Phishing emails, with/without download links
- Reuse of compromised user identity
- Brute-force attacks
- Exploiting vulnerabilities
- DDoS attacks
- Countermeasures
- Patch and keep your systems
- Apply strict MFA for all remote
- to avoid brute force attacks
- Protect user
- Protecting the endpoint
- Traditional antivirus is no longer enough
- Email security
- Data protection
- Backup, backup, backup
- 3-2-1 Rule
- Visibility
- Monitor ransomware attack specify metrics
- I personally add: train your employees
- Other related actions to reduce risk
However, nothing is guaranteed to protect you 100% from attacks