{"id":1460,"date":"2018-02-14T19:29:07","date_gmt":"2018-02-14T19:29:07","guid":{"rendered":"http:\/\/tech-no.104.210.61.21.xip.io\/?p=1460"},"modified":"2018-02-14T19:29:07","modified_gmt":"2018-02-14T19:29:07","slug":"simple-fixes-to-ransomware-in-windows-server-environments","status":"publish","type":"post","link":"https:\/\/tech-no.org\/?p=1460","title":{"rendered":"Simple fixes to Ransomware in Windows Server environments"},"content":{"rendered":"<p>If you support a Microsoft Windows Server environment and are looking for some simple strategies to protect against Ransomware, you should consider the following:<\/p>\n<p>&nbsp;<\/p>\n<ol>\n<li>DNS filtering services such as Zscaler and ThreatSTOP.<\/li>\n<li>Removing Local Admin rights from your users.<\/li>\n<li>Implementing File Server Resource Manager on your file servers and creating a file screen to protect against encryption and alert when user activity looks like Ransomware activity. (<a href=\"https:\/\/gallery.technet.microsoft.com\/scriptcenter\/protect-your-file-server-f3722fce\">https:\/\/gallery.technet.microsoft.com\/scriptcenter\/protect-your-file-server-f3722fce<\/a>)<\/li>\n<li>Protect your endpoints with group policies to restrict executables from running from your temp directories and %appdata%.<\/li>\n<\/ol>\n<p>Obviously there are many options for expanding the protection, but I will save that for future articles&#8230; this is a first step and part of your overall defense in depth measures.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you support a Microsoft Windows Server environment and are looking for some simple strategies to protect against Ransomware, you should consider the following: &nbsp; DNS filtering services such as Zscaler and ThreatSTOP. Removing Local Admin rights from your users. Implementing File Server Resource Manager on your file servers and creating a file screen to &hellip;<\/p>\n","protected":false},"author":7,"featured_media":1461,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/posts\/1460"}],"collection":[{"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/tech-no.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1460"}],"version-history":[{"count":1,"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/posts\/1460\/revisions"}],"predecessor-version":[{"id":1462,"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/posts\/1460\/revisions\/1462"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tech-no.org\/index.php?rest_route=\/wp\/v2\/media\/1461"}],"wp:attachment":[{"href":"https:\/\/tech-no.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tech-no.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tech-no.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}