5 Ways to Avoid Ransomware Attacks

As providers of salon management and online booking services, we make security a top priority. The salons and spas that use SalonTarget can rest easy knowing that their data – and their customers’ data – is safe and sound. Still, all it takes for a device to get infected by ransomware is a click on the wrong email attachment. And make no mistake – ransomware attacks are happening all the time, against individuals, businesses, even the government. As a refresher, ransomware is a type of malware that blocks access to a system, device, or file until a ransom is paid. This is achieved by encrypting files on the endpoint, threatening to erase files, or blocking system access. Imagine losing access to your salon or spa’s work computer until a ransom is paid. Not a pleasant scenario to imagine, is it? Fortunately there are steps you can take in your salon or spa to ensure that you and your employees never fall victim.

1 | Use Work Devices For Work Only

This may be the single most important step you can take to avoid ransomware attacks on a work device. Since many of these attacks happen through email attachments, preventing your workers from using work devices for personal reasons greatly reduces this threat. The only logging in that should take place on the work computer is to the software management system – and even then we strongly encourage using appropriate level access only. An hourly employee should not have admin access, for example. Learn more about how SalonTarget’s built-in security features keep you safe.

2 | Education

Your workers cannot prevent an attack they don’t see coming. Take time during a staff meeting to review ransomware attacks: what they are, how to spot them, and how to avoid falling victim to them. This might be a good time to hire an outside IT consultant to come in and present to the staff on the dangers of security lapses and ransomware attacks.  This would be also be a good time to bring up the below…

3 | The “Suspicious Email” Policy

We had a client recently receive a suspicious email sent to the company’s email address. It was sent from what appeared to be a legitimate company claiming the salon had infringed upon a copyright in using an image. (It is not uncommon for ransomware attacks to occur under the guise of a business-critical email requiring immediate response). The email contained an attachment, which – if clicked – would have initiated a ransomware attack on that device. A great policy is the “suspicious email” policy, which states that no one is to click on an attachment in an email that appears suspicious. As a general rule, any email containing instructions to open an attachment to “avoid further actions” or any similar language should be considered suspicious. It’s not just the staff that needs to adhere to this policy. The above incident happened to an owner!

4 |  Keep All Devices Up to Date

While your SalonTarget software will ALWAYS be the most up-to-date version, it’s important that the operating system of the devices you use are also up to date. This will ensure that your computers, laptops, and tablets do not have any security gaps that attackers often look to exploit. If possible, turn on auto-update. 

5 | Have a Worst Case Scenario Plan

In the unfortunate event that your device falls victim to a ransomware attack, what’s your next move? Who are you calling to fix it? If an employee mistakenly triggers an attack, what should they do? Take some time to work out a worst case scenario plan. You should have a contact or two in the IT world who is available to assist in addressing a ransomware attack – or any of your IT needs, to be frank. Your employees should also be familiar with how to respond to an attack. Swift and decisive action is paramount – especially if the device affected is needed by the business. Are you looking for a salon management and online booking solution that provides cutting edge security and protection against hackers? Get in touch today!