What is the best for ransomware infection?
Install all security updates, create an incident response plan, use whitelisting to the maximum.
Look at the ACSC Essential Eight. If you can implement all of these then you will be highly unlikely to get hit by ransomware.
Proactive: Patch Mgmt Program, Continuos Vulnerability Scanner (search and fix), Monitoring by SOC/NOC or others secutiry tools (like a HIDS or NIDS components).
Reactive: Incident Mgmt Plans categorized and specific by typication, BCP (complete Business Continuity Plan not only Disaster Recover Plans) and, mainly, verified backups tapes/medias (if possible, stored out of company, with continuous restore tests).
First - Use Trend Micro
Second - Apply a Backup System similar to TIME MACHINE Apple.
there are different solutions for ransomware these days. Best i have found is trendmicro end point protection for end users since it has a feature of stopping the attack or as soon as it says changes in files , it starts making a back up copy of it , so even if you get infected by ransomware, you still have a good chance to recover your data.
IPS & Blocking unwanted extensions at gateway level.
Let the community know what you think. Share your opinions now!