PSB Configuration Against Ransomware
We've received quite a lot of questions around ransomware and PSB lately, and how should our users configure their policies to ensure best possible protection against ransomware.
F-Secure Protection Service for Business offers protection against the ransomware, such as WannaCry, on several layers to ensure that the attack can be stopped in multiple points during the attack chain.
The default setting of Protection Service for Business reflect this approach, but to be certain, double-check that the following features are enabled.
- Ensure that Browsing Protection in on: Browsing Protection proactively prevents employees from accessing malicious sites hosting ransomware, via phishing emails or links for example, preventing contact with ransomware in the first place.
- Ensure that Real-Time Protection in on: Real-time protection ensures that objects accessed by the user are analyzed on the fly with our full security stack.
- Ensure that Software Updater is turned on: Our integrated patch management feature, Software Updater, prevents attacks from exploiting vulnerabilities by automatically deploying the related security patches,
- Ensure that DeepGuard is turned on: Deepguard provides host-based behavioral analysis and exploit interception that blocks ransomware based on it's malicious behaviour.
- Set Firewall Policy to Strict: Firewall prevents ransomware from propagating within the environment and further encrypting files, for example on a file server.
Further advice on how to protect against ransomware can be found here: