- Remove local admin rights from user’s accounts – the normal user accounts don't need local admin rights, if the normal users need to install any software, this will installed by your IT staff , the results, the malicious software will be reduced a lot.
- Patch regularly – patch at least monthly, and educate to restart almost one time per week to apply pending patches.
- Use strong and unique passwords – avoid reusing the same password, this rule applies to everything, and use strong passwords. We recommend use this site to generate strong and unique passwords and store it: https://www.lastpass.com/
- Think before you click – train your staff to think before to click on an email attachment or URL or chat app. Use the common sense, your competitor never sends a bill to your attention or your energy provider sends you a bill or something similar, to be claimed by email. Read carefully all url in browser, if a URL looks strange to you then don’t click it and check the URL at https://www.virustotal.com
- Change default passwords – any device added to your network probably comes with a default admin account and default password. Change the default password ASAP, if you cannot see your device in this search engine, https://www.shodan.io/ This also applies to any software installed with default configuration.
- Backup your Data – Get a copy of important data you have in any laptop or desktop computer, and store this data outside the company if is possible. If the backup cannot do daily then do it weekly.
