Link to home
Start Free TrialLog in
Avatar of Frank Kavanagh
Frank KavanaghFlag for United States of America

asked on

Do I need additional protection from ransomware?

I have Vipre Internet Security and Malwarebytes Antimalware installed on my system.   Do I need additional protection from ransomware?
Avatar of Paul MacDonald
Paul MacDonald
Flag of United States of America image

No prevention product is 100% effective.  Overlapping your defenses as you've done is a step in the right direction.  

That said, having several good, current backups is the only way to be sure you can recover from any potential threat(s).
Having security at different levels is important and it appears you are doing that. Just keep in mind putting two solutions on the same system is sometimes counter productive. Just be sure the vendors support what you are doing.

Most security measures are reactive, so ensuring you have the ability to restore your files and systems if anything goes wrong is also critical.
Agreed! Good daily backups are crucial in combatting ransomware. That and useful and rewarding employee education! Use the NCSAM as an initiative to start and run the trainings focusing on social engineering, rewarding safe internet citizen practices.
SOLUTION
Avatar of btan
btan

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of BWA IT
BWA IT

I'd also recommend adding "Gateway Antivirus" to your firewall if available.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Frank Kavanagh

ASKER

I looked at Malwarebytes Endpoint Security bundle, which includes Anti-Malware and Anti-Exploit.   Since I have Vipre Internet Security, can I use both or will Malwarebytes substitute for it?
Viper Internet Security pro states it has below and from it description it is close to MB anti exploit. They would be equivalent.

Edge Protection™
Defends against Zero-day threats by protecting web browsers and their components against drive-by download attacks and known and unknown exploit kits.
Eirman recommended not logging in as an administrator unless it is required.   That seems like a wise move.   Is there any way to change my user from the administrator's group to the non-administrator's group so I do not have to set up everything as a new user?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Yes indeed least privileged principle is the gist of giving non-admin rights to user. Esp not as default in administrator group, the user should be removed as member in this group. This applies even for existing users.
Adding on, consider validating on the changes also use of AccessChk which is a tool that shows you the accesses the user or group you specify has to files, Registry keys or Windows services.
https://technet.microsoft.com/en-us/sysinternals/accesschk

As a whole strategy consider
Utilise a role based approach when allocating privileges @ Remember to allocate access according to roles or function rather than to users. This is easier to manage in the long run, if you are implementing Role Based Access Control (RBAC) remember that role creep is possible so roles and access need to be reviewed on a periodic basis. I typically recommend once every quarter or at a minimum once every six months. Maintain, review and revise privileges on a regular basis to keep them up to date and effective


Revise access to legacy applications @ Isolate the application and only allow the necessary access to the application, to the users and systems that require access. Administrative access should be limited down to exactly the function that is required. So that domain admin accounts that have been used for years should now be locked away and the password changed so that no-one can abuse that level of privilege.
I am running Windows 7 Professional and was able to activate Administrator so as to use it as needed in the future.   I changed my default administrators group user to a standard user, so I was able to keep all my settings.   Many thanks to all who responded to my question.