Basic IT Hygiene to Prevent Ransomware-10 Steps All Financial Firms Must Take

Employee Productivity, Security, Strategy


These are some thoughts from John Wooden, legendary coach of 10 UCLA Bruins NCAA Championship teams, which included notable NBA Hall of Fame players, Kareem Abdul-Jabbar, Bill Walton, and Gail Goodrich.

“I believe in the basics: attention to, and perfection of, tiny details that might be commonly overlooked. They may seem trivial, perhaps even laughable to those who don’t understand, but they aren’t. They are fundamental to your progress in basketball, business, and life. They are the difference between champions and near champions. For example, at the first squad meeting each season, held two weeks before our first actual practice, I personally demonstrated how I wanted players to put on their socks each and every time: Carefully roll the socks down over the toes, ball of the foot, arch and around the heel, then pull the sock up snug so there will be no wrinkles of any kind.”

Want to limit the chance of you ever getting hacked with a ransomware infection?  Then, it’s time to take a holistic approach to your cybersecurity and protect yourself from an outbreak. Increasing your security posture and protecting yourself is basic IT hygiene to prevent ransomware—just like putting your socks on properly.

The Top 10 1/2 Basic IT Hygiene Steps To Prevent a Ransomware Attack You Should Be Doing Right Now

 1. Turn on Multi-Factor Authentication (MFA), like yesterday – Are you OK knowing that a hacker in Russia could be trying to log in to your system by trying random passwords over and over again? It is not a secret that most user passwords are pretty poor so the chances of a hacker succeeding are fairly high. By turning on MFA, you make it 10x more difficult for the hackers so they move on to easier targets. Do it now and I mean RIGHT NOW. Make a list of all your applications and methodically turn MFA on in each one of them.


 2. Filter Email – Use a good 3rd-party platform to scan all emails before they ever make it to the users. The filtering platform scans for spam, spyware, viruses, ransomware, and any other rogue messages. Find one that also does sandboxing for extra protection.


 3. Use a Robust Anti-Virus/Anti-Spyware app – Use something better than the free Windows version. Leveraging an AI-based platform has been proven to give superior results with less impact on the computer (gone are the days of booting up and having an anti-virus app run for hours slowing down your machine).


 4. Run Regular Immutable Backups – Backup ALL your data locally and to the Cloud. Make sure the backup data is encrypted and the Cloud side is locked down so no one can delete those backups.  Most importantly, have a procedure in place to test the backups and report on everything.


 5. Educate, Educate, Educate – The more people know about cybersecurity and ransomware, the less likely they will do something that leads to a ransomware outbreak (e.g. falling prey to a phishing attack). A good education and training program can reduce the risk of getting hacked by user mistakes by as much as 80%.


 6. Develop an Incident Response Plan – Do yourself a favor and create one now before you need it. Not if, but when something bad happens, you should have a plan in place for how to communicate, who from your team will be involved, and steps to get past it. Just do a Google search and find yourself a template to use to start.


 7. Document Your Policies and Procedures – Write down all of your IT best practices, policies, and procedures. Review these, at least, annually to ensure they are up to date and still viable.


 8. Install Software Updates Regularly – Did you know that many of the hacks you read about in the news happen because a computer was not updated? This is easily avoided by just doing the updates and having reporting in place to make very sure you are in good shape.


 9. Limit User Rights – Not to impact their work, but to help with security. For example, does the user really need administrative access on their laptop? If they don’t, then don’t give them admin rights. This way rogue apps, like ransomware, cannot be installed in the first place. Same for the rights of files and folders on your network/Cloud.


10. Buy Cyber Insurance – Make sure you have coverage for liability and business loss. Also, make sure that you are aware of the exclusionary “gotcha’s” so the insurance actually covers what you need it to cover when you need it. Don’t ignore all the recommended cybersecurity best practices and expect the insurance company to payout.


The 1/2  (OK, so maybe more than a 1/2….) –  Do the basics:

  • Use long complex passwords,
  • Use a password manager so every system has its own password
  • Don’t use your corporate login for any 3rd party (IE: LinkedIn)
  • Change your WIFI access point password(s),
  • Do not email out sensitive information unless it is encrypted.



I get it. It is a lot of information. If you have questions, shoot me an email at or give me a call (630-547-7011). 


Dig Deeper on Basic IT Hygiene to Prevent Ransomware









John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Related posts

Resilient IT: The Pragmatic Solution to Any Fiasco

Resilient IT: The Pragmatic Solution to Any Fiasco

Companies with Resilient IT approach technology strategically and proactively.  Resilient IT reduces the frequency, severity, and duration of fiascoes. More importantly, it gives you an evergreen lens through which to make important IT decisions for the post-COVID-19...

Accessibility Toolbar

Share This