How to Protect Your Small or Medium-Sized Business from Malware
May 31, 2017
Could your business be hit with a malware attack? The answer, unfortunately, is yes. Whether you're relatively large or small, and no matter the precautions you take, your company likely has some vulnerabilities that could be exploited with malware.
A recent article in Health Data Management reported that one in four health care organizations -- which tend to employ more stringent security to comply with HIPPA or other privacy regulations -- suffered at least one malware attack that got past their security in the last year. That is in spite of 94 percent of the organizations reporting that they used firewalls, and 82 percent said they ran software designed to catch malware in real time. If companies in the more-secure health industry aren't able to prevent attacks, it's going to be a challenge for your small to medium-sized business to do so. To increase your odds of keeping away malware, learn about the common types of this malicious software and how you can protect your company.
Types of Malware
Here's what you need to know about the five common types of malware that you may be attacked by, with varying levels of damage.
A virus infects one program, then replicates and spreads across several computers or devices with that program. Usually their intent is harmful; viruses may take over hard drive space or processing time, or they may corrupt data on your computer. Some viruses can, for example, access your email contacts and spread via emailing themselves to other users.
Spyware is designed to access and take personal information, such as login and password information or bank account details. Spyware can also slow down your computer and cost you in productivity. Some spyware isn't particularly malicious -- it may simply track what websites you visit and display relevant advertising to you. But if it is running without your consent and accesses your personal info, even if doing so is not obviously harmful, it is considered spyware.
Like the name implies, ransomware takes over your computer, locks its use or access to certain files, and demands that you pay for the lock to be removed. Because the software that does this is usually created to generate a random encryption key, it's difficult to decrypt and restore data.
Trojans, named after the infamous Trojan horse from ancient Greek history, are a method of delivering malware by piggybacking on something that seems innocuous. They may be downloaded via an email attachment or from a link that looks legitimate. The Trojan itself typically isn't malicious, but it lets in a virus or worm that is.
The purpose of a worm is to rapidly spread to other computers via a network. In some cases, they don't do anything overtly bad, but they take up bandwidth and processing resources and can slow down a network, leading to lost productivity. One use of worms is to create a "backdoor" or method for hackers to break into the computer system. The system can then be used to send out spam or attack other networks.
How You Can Protect Your Business
When it comes to malware, nothing is completely foolproof, but taking smart measures to combat malicious software will keep out the bulk of attacks.
- Install a firewall and keep it up to date. The key is to check for updates to the firewall software often, and install those updates as soon as you know they are available. This will keep out the latest threats.
- Use strong anti-virus software as a second layer of protection. This, too, needs to be regularly updated to stay effective.
- Stay up to date about new threats. If something new has gained a lot of traction, learn about it so you can avoid it.
- Change passwords often. Your employees may grumble, but hard-to-crack passwords that include upper and lower case letters, numbers and symbols are important. Instruct your employees on taking measures to keep passwords safe, like not using them on multiple sites or sharing with anyone. Limit employee access to sensitive areas of your network, and set up multiple layers of protection for those areas.
- Backup your data to a secure location. If a piece of malware renders your system inoperable, you'll have a copy of all your files stored safely in the cloud. Make sure your mobile devices are regularly backed up as well.
- Let your employees know about threats. You want anyone using your system to be proactive about potential infections, and you can help even those self-proclaimed non-tech folks to avoid risky online behaviors like downloading questionable files or falling prey to phishing schemes.
One of the most important elements in preventing a malware attack is to have knowledgeable IT professionals who can prevent attacks, keep software up to date and spot threats before they do damage. Contact us to learn more about how our IT pros can reduce the risk to your company.