Get Aligned!

Ransomware: the word on everyone’s lips right now. If you haven’t been hit, you no doubt will be on-edge until the perceived threat disappears. Unfortunately, the widespread infection of Wannacry has only highlighted how easily ransomware can be spread, and how fatal it can be to organisations. So, beyond security software and keeping your systems up-to-date, how can you ensure that your environment is safe? Employee education is the best and most reliable way to prevent malware; there will always be a new virus that will slip through even the tightest of network security, but if users are vigilant and aware, the odds of an infection are low. So what can your users look out for?

    • Emails from a genuine business or organisation such as Apple, Google, UPS, Amazon, high street banks, or HMRC that may or may not appear slightly “off”. Check the logos, the sender email address (not just the sender name), the colours, fonts, and spelling in the email. Do they seem legitimate? Are they asking you to click a link or download an attachment? If so, verify the link before you click by hovering over it with your mouse and check that the address is correct. If you’re not expecting an email or attachment from them or it is different to anything you have received previously, play it safe and don’t open it. Visit the site directly rather than clicking any links within the email.

 

    • Be wary of emails that are telling you that you have a tax refund, asking you to view a link or photo because it’s humorous, asking you to reset your password, or telling you to pay or view an invoice. Unless you are specifically expecting an email like this (i.e., you have just requested a password reset), double check the links and if in doubt, don’t open it.

 

    • Never run an attachment directly from an email if you’re unsure of its origins; save it to your desktop first.

 

    • Finally, at all times your use your common sense and discretion. Start with the assumption that the mail is malicious and work your way to confirming it is safe by visually validating the sender and links before clicking anything.

 

    • Although the main point of infection with Wannacry was through email, webpages can also be used to coax users into clicking on links or images in pop-up windows. Consider turning on pop-up and ad blockers for your organisation.

 

Ensure that all of your users are aware of the threat and are extra-vigilant at the moment especially, and exercise extreme caution when opening emails and browsing the web. Again, while we are all focused on the rampant spread of Wannacry right now, enforcing best practices amongst your users will help keep you safe, regardless of the threat “du jour.”

Back to List

Related Stories

Security on the move

Security on the move

The ability to stay secure and productive anywhere, on any device is of great and growing importance to all businesses.

We look at the fi…

Read Post

Business Benefits of Microsoft Azure

Business Benefits of Microsoft Azure

Connecting Clouds: The growing pains of cloud adoption continue as organisations realise that a single solution of either Private Cloud, Dat…

Read Post

Understand & improve your security posture

Understand & improve your security posture

Gain deeper visibility into and take control of your security.

Assessing your security posture is an ongoing challenge. Increasingly soph…

Read Post

Artificial Intelligence

Artificial Intelligence

Artificial Intelligence (AI) and Machine Learning (ML) are fast becoming important pillars of many organisations’ digital transformation s…

Read Post

IT Risk Management

IT Risk Management

With today’s pressures of compliance, cybercrime and customer demands organisations can no longer afford to have ad-hoc IT Policies and IT…

Read Post

Team Talk

Team Talk

Whether you use Office 365 or not; Microsoft Teams is free. That’s right, free. As in £0. Microsoft Teams is a hub for teamwork. Keep all…

Read Post

Office 365 Powers Ahead

Office 365 Powers Ahead

Microsoft release a quarterly report each month and within the latest quarter (April, Q3 2019) of the Earnings Call section it’s more good…

Read Post

Protecting Your .UK Presence

Protecting Your .UK Presence

The clock is ticking on who can register a .UK domain in your name.

Nominet, the governing body of UK domain names, released shorter .UK …

Read Post

Checklist to Digital Transformation

Checklist to Digital Transformation

Digital Transformation is the novel use of digital technology to solve traditional problems.

It’s about finding new ways to deliver valu…

Read Post

AWS, Azure & Google: A Public Cloud Comparison Report

AWS, Azure & Google: A Public Cloud Comparison Rep…

The three leading cloud computing vendors, AWS, Microsoft Azure and Google Cloud, each have their own strengths and weaknesses that make the…

Read Post