The quicker we report the bad stuff, the less chance it can affect others.
Improving cyber security in your business is not just about spending money. Here are 12 practical steps you can take that do not cost anything other than your time:
- Disable Adobe Flash to run automatically in a browser and only run when you say so.
- Remove Oracle Java from any machines that do not need it (see www.java.com)
- Remove Microsoft Silverlight from any machines that do not need it
- Run all users as standard users rather than as administrators in Windows
- Scan computers with an online scanner at least once a month from a different antivirus company than the one you have installed (for example Eset, Kaspersky, Sophos, Trend Micro)
- Educate your staff about the worst passwords of 2019 and not to use their year of birth as a phone PIN
- Encourage staff to use personal devices for personal internet use
- Block any email attachment that has executable content or the attachment's file extension matches .js or .lnk or .mht or .url or .wsf (for more info see Office365 tips)
- Make sure that you are using legitimate up to date software, keygen utilities often contain malware
- Install the Kaspersky® Anti-Ransomware Tool for Business (https://www.kaspersky.com/anti-ransomware-tool) if you are using Windows Defender as your only antivirus software.
- Consider changing your DNS settings to Quad9 (184.108.40.206) if you do not already filter DNS
- Show all File Name Extensions so you can spot program files posing as documents like SOMETHING.DOC.EXE or SOMETHING.PDF.EXE as the last dot and 3-4 characters would normally be hidden on
Microsoft Windows machines
For more details & info about the above steps, see the latest version of my Internet Security Fundamentals eBook.
The Metropolitan Police created the free Little series of books and videos to explain some of the most common scams and give advice on how to avoid falling victim to them.
Starting in Windows 10, version 1803, Windows no longer automatically backs up the system registry to the RegBack folder. You can re-enable it by configuring the following registry entry, and
then restarting the computer:
HKLM\System\CurrentControlSet\Control\Session Manager\Configuration Manager\EnablePeriodicBackup
For more info, see: https://support.microsoft.com/en-gb/help/4509719/the-system-registry-is-no-longer-backed-up-to-the-regback-folder-start