Windows 10 tools have been added to the Ransomware Prevention Kit
Posted by Amy Babinchak on 17 May 2018 12:41 PM

It has been about a year since we added new material into the Ransomware Prevention Kit. That’s a long time and it’s because Ransomware is somewhat of a mature industry now. In the 5 years that we’ve been fighting this nasty with IT best practices we’ve noticed a certain stability. The attack methods are varied but they really boil down into a few basic concepts that you need to avoid Ransomware.

  • An educated user population
  • Avoidance of Phishing
  • Near immediate patching of Windows, Adobe and Flash
  • Use of latest versions of applications
  • Good IT practices to protect backup, avoid unwanted applications and prevent permission sprawl

Another thing has changed in the last 5 years. Computers are now more frequently not joined to on-premises domains. Instead they are stand-alone or joined to Azure AD. This, on top of the announcements that Group Policy is now considered legacy technology and that Software Restriction Policies are no longer being actively developed (which in Microsoft speak tells us that both of these technologies are being phased out), means that we have to change too.

To that end, you are going to find that .reg and .pol files are the predominant means of managing Windows 10 computers. But we’ve also still supplied the old software restriction group policies because they still work. We’ve just put the new configurations into a different format.

In the photo above you see the list of files that reside inside of the zip file you’re going to find in the kit called Note the text file called Read the PDF’s first. Guess what that means? It means that you really, really, really need to read the two PDF files first in order to understand what the local group policy and reg keys are doing and how to customize them for your use. The PDF called Ransomware and Windows 10 is a long article detailing out all of the settings, what they do and how to manually deploy them. Once you understand that, you can then move to using the pre-built tools that we provided so you don’t have to reinvent the wheel.

There’s a second PDF that you should also read. Preventing ransomware on Windows 10 depends on using Windows Defender so please read the Understanding Windows Defender PDF. Especially if you think you don’t care about Defender. Many of us didn’t like Defender and I want you to rethink that as we have.

I hope that you enjoy these new additions to the kit. I’ve copied other relevant articles into the zip file for convenience mostly. They aren’t new but they go along with Windows 10 and represent a tiny start to a reorganization of the materials to make them easier to find and consume.

One last thing: as you know, we raised money from the donations for the kit to launch a scholarship fund. It is working. We are providing scholarships, changing lives and improving our industry at the same time. You should be proud of yourself for your contribution. Here’s a note from a recipient and if you’d like to make another contribution, your money is welcome. You can make another donation here.

Would like to say “Thank You” and make a donation

Greetings Amy, I was fortunate to be one of the recipients of a scholarship through Third Tier a while back for the completion of my Security+ certification. It came at a time where my life, let alone my career, was up in the air. Getting that cert gave me the confidence to pursue my CCNA Cyber Ops which led to a new position as an Information Security Analyst with a great organization where I am now on the fast track to becoming the Information Systems Security Officer. So, I want to truly say thank you!! I appreciate the work you are doing with Third Tier and I would like to pay it forward with a $500 donation. How can we facilitate this? Best regards, LaDon Williams

If you need to purchase the Ransomware Prevention Kit you can do that here. If you would like to send us some more money for our work in the kit and keep funding this project you can do that too. Please do that here.


About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands-on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.



