If you can access yesterday's files, then there is no need to pay to unlock them today.
Make sure operating systems software on all devices (phones, tablets, laptops) and browsers are patched automatically with security updates.
Make sure your endpoints and network devices are running the latest antivirus and anti-malware software.
Implement email and web security tools that analyze email attachments, websites and files for malware and can block potentially compromised advertisements and social media sites that could be infected.
Deploy application whitelisting, which prevents unauthorized applications to be downloaded or run.
Use strong passwords and have users change them every 90 days. Do not re-use the old passwords.
Segment your network using VLans, so an infection in one area cannot easily spread to another.
Don't open suspicious attachments in emails, even from people you know. This will help mitigate risk.
Deploy Mobile Device Management (MDM) technology which can inspect and block devices which do not meet your standards for security (no client or antimalware installed, antivirus files are out of date, operating systems need critical patches, etc.)
People are the most vulnerable link in your security program, and you need to plan around them. You must implement user awareness training so employees are taught to not to click on email attachments or download files.
This article was recently published in Worcester Business Journal.