Accounting Pro

IDPAA-Mitigating Ransomware Risk Guidance

Ransomware has been a big concern for companies in every sector. As soon as we received an informative post from our friend, Paula Carney Hoffler, at the IDPAA with advice on Mitigating Ransomware Risk, we reviewed it and implemented some of the learnings as part of our IT Security review. We have listed the 10 important points of guidance that you should be aware of.


Mitigating Ransomware Risk Guidance:


  1. Patch and Secure: Implement and monitor system security configurations for critical systems.
  2. Lock Down Privilege: Restrict software installation and block portable media (USB storage).
  3. Filter email content and internet access.
  4. Run security software and implement software whitelisting to block viruses.
  5. Harden the Perimeter: Make sure Internet access is regularly scanned for vulnerabilities and that any found are fixed.
  6. Implement strong authentication for any remote access.
  7. Encrypt critical IT assets and data.
  8. Back up data off-line.
  9. Constantly manage identity access to cloud systems.
  10. Make sure vendors are doing these things correctly.

To learn more about what IDPAA do, please review and contact Paula at It would be a great idea for every organization to reach out to them in order to avoid the possibility of ransomware.