How to keep ransomware out of your network

Scenario 

In my previous post Bye-bye Ransomware! ACYA later! , I had analyzed the ransomware problem by mostly focusing on home users.

However, ransomware has started becoming a severe threat in corporate environments, too.

A hospital has been recently attacked by ransomware, but its administration refused to pay the ransom, because they had an efficient backup policy in place and were able to shut down the infected system and keep their primary systems going.

Possible scenarios start being scary and the latest incident made it clear (should there be any doubts) these criminals would do anything to achieve their goals.

What can you do to keep ransomware out of your network?

Steps

1. If you receive any suspicious email attachments (regardless of their file extensions. It doesn't always need, or appear, to be an .exe file), delete them right away. 
2. If one or more clients get compromised, disconnect them immediately from the network.
3. If your company uses cloud storage, disconnect infected clients to prevent them from syncing to the cloud.
4. If you haven't performed a backup already (really??), do it now.
5. Be ready to re-image the infected machine(s), if that's the case.
6. Re-connect infected machines to the network only after making sure they're running a clean and trusted configuration

Wrap-up

E-mail is a gateway to your network.

Your business should have formal and effective procedures in place to deal with suspicious e-mail messages.

Training your employees not to open suspicious email and have your Info Sec Department only dealing with them is the best course of action.

Human factor is critical in Information Security and, sadly, a careless click can destroy an organization's network within a fraction of a second.

A formal and effective backup strategy is absolutely paramount to mitigate this threat.

The hospital incident has dramatically shown how important this concept is.

Will organizations learn this lesson?