How Does Ransomware Work?
How Can You Protect Your Business and Limit the Fallout?
- Limit access to your systems, including local admin access (the principle of least privileges).
- Ensure your system is patched, along with third-party apps like Adobe and Flash.
- Secure the system with antivirus, anti-malware, and email security services that block known threats; implement tools that scan incoming emails or flag employee activity on known malicious websites.
- Invest in good data backups.
- Evaluate and monitor connections with third-party vendors. Allow access only as required for them to provide services, and only on network segments they need.
- Instruct employees to report suspected phishing emails.
- Communicate with employees about current ransomware threats.
- Test employees periodically with sample phishing emails and unfamiliar attachments to maintain awareness.
- Create an incident response plan, ideally involving IT, legal counsel, internal and client communications, and forensic analysis; test and refine it regularly based on newly identified weaknesses and threats.
- Invest in cybersecurity insurance, with a full understanding of what’s covered in the event of an attack.
- Make sure vendor contracts include language requiring vendors to notify you within a short period of time of any attack on their systems. Know how to shut down connectivity quickly in case of attack.
- Enhance your tech stack. An incident response manager tool will allow you to see how/where you’ve been compromised, act fast, and minimize the impact of a ransomware attack; a file integrity management solution can tell you whether any changes made were authorized by your existing change management system.
- Make sure you have access to enough Bitcoin in case paying ransom is your only option; you might want to establish a Bitcoin account expressly for this purpose.
- Check with law enforcement to determine your odds of recovering data. Depending on the type of ransomware deployed, you might be able to get a decryption key from the FBI’s database.
- Perform a system analysis to determine what communications went outbound and what specific actions were taken on the system. These details will help you determine what gaps in your security stack need fixing.
Want to Learn More About Ransomware Preparedness?
Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.
© 2019 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.
Info and Insights You Won't Want to Miss
Here on the OS Blog, we aim to give you just the right mix of high-level views, tactics, and tools you can use to optimize your collection operations and results. Subscribe today for a steady stream of practical, empowering content delivered to your inbox weekly.
As a passionate advocate for the accounts receivable management (ARM) industry, I have a growing concern about the misinformation flooding the marketplace related to the requirements of Regulation F in the final Consumer Financial Protection Bureau (CFPB)...
FALCK USA Supercharges Its Self-Pay Workflow and Sees Double Call Volume Capacity, 2X Faster Insurance Billing, and Increased Cash Flow
With nine U.S. billing centers and roughly 12,000 inbound patient calls daily, FALCK USA needed to standardize and streamline its self-pay operations. Reps had no easy way to verify data, patients couldn’t get timely information, and the billing process was cumbersome...
There are many pieces to the patient satisfaction puzzle. It isn’t just the care patients receive; billing and payments are becoming increasingly important. A quick recovery means little when a patient feels they’ve been subjected to an unfair billing...
If you couldn’t wait to say goodbye to 2020, you’re in good company. It was a turbulent, unsettling year that took a heavy toll. For local and state governments nationwide, the events of 2020 also brought certain issues into sharper focus. Chief among them is a lack...
The ARM industry waited in tense anticipation of the Consumer Financial Protection Bureau’s (CFPB) final rule for what seemed like an eternity. You probably spent significant time educating yourself on the proposed rule, and laying the groundwork to an...
Cloud-Based Omni Voice™ Saves the Day: After a Sudden Move to Remote A/R, Methodist Health System Revolutionizes Performance Management
Just three weeks before COVID-19 restrictions forced them to suddenly transition to remote work, Methodist Health System’s A/R team implemented the Omni Voice™ SaaS contact management platform to streamline and improve patient engagement and revenue recovery. Omni...