2. Secure Your Network
Effective user training can help stop a lot of attacks, but keeping your network free of malware also requires a combination of effective perimeter filtering, strategically designed network architecture, and the capability to detect and eliminate resident malware that may already be inside your network.
- Prevent threats from entering the network with a next-generation firewall or email gateway solution to filter out the majority of threats. An effective solution should scan incoming traffic using signature matching, advanced heuristics, behavioral analysis, sandboxing, and the ability to correlate findings with real-time global threat intelligence.
- Control and segment network access to minimize the spread of threats that do get in. Ensure that students can only spread malware within their own, limited domain, while also segmenting. For example – allow administration, teachers, and guests, each with limited, specific access to online resources.
- Clean house. Your infrastructure likely contains a number of latent threats. Email inboxes are full of malicious attachments and links just waiting to be clicked on. Similarly, all applications—whether locally hosted or cloud-based—must be regularly scanned and patched for vulnerabilities.
3. Backup—Your Last, Best Defense Against Ransomware
When a ransomware attack succeeds, your critical files—HR, payroll, grades, health records, confidential student files, email records, etc.—are encrypted, and the only way to obtain the decryption key is to pay a ransom.
But if you’ve been diligent about using an effective backup system, you can simply refuse to pay and restore your files from your most recent backup—your attackers will have to find someone else to rob.
Automated, cloud-based backup services can provide the greatest security. Reputable vendors offer a variety of very simple and secure backup service options, priced for organizations of any size.
For budget or other reasons, your organization may be committed for the time being to a legacy, on-premises backup solution. If so, you should certainly be planning to transition to a cloud-based system. In the meantime, be sure to configure your system to update backup files throughout the day, and be extremely diligent about moving your current backups to a secure, off-site location every evening.