Organizations find it difficult to prepare for a ransomware attack. Reason for Microsft to share three steps that help prevent ransomware.
1. Set up a recovery plan where no ransom is paid. Organizations must, among other things, map and backup their important data and systems, protect the backups and perform recovery tests with all systems offline. Microsoft also recommends printing the recovery plans or storing them somewhere safe, as it regularly prevents attackers from deleting these documents.
2. Limit the damage that attackers can do by protecting the accounts of system administrators. Often attackers try to take over these accounts so that they can move further through the network. Microsoft recommends using multi-factor authentication for system administrators and monitoring the use of these accounts.
3. Make it more difficult for attackers to get in. For example, the “security hygiene” must be improved by reducing the attack surface and applying patch management. In addition, efforts must be made to protect, detect and respond.