Not to get too soapboxy, but with Petya/Nyetya ransomware hammering the news I’d like to take the time to recommend that anyone in any position of IT authority make sure the following things are in place:
Patch your servers and endpoints consistently — do not lag behind patches by months. The primary (but not only) way this ransomware spreads is an exploit for a vulnerability that Microsoft patched in March of 2017.
Make consistent backups and do not for one second believe that “to another hard drive on the same computer” is a safe place to back up.
Run antivirus or anti-malware software. It’s not a ‘nice to have’ anymore, it’s a requirement for keeping your data secure in the current internet climate. Keep it updated.
Utilize proper role-based access controls. Do not grant people Domain Admin rights. Create specialized roles once and apply them as necessary. Domain Admin rights may as well be keys to the full kingdom and are a perfect example of “quick and easy” not being “the right way”.
Never rely on a single thing to protect yourself or your environment. True protection requires multiple layers of defense — e-mail malware protection, network exploit protection, endpoint malware protection, and proper training.
I hope no one I know or their respective employers got hit by this — just like WannaCry, this is a wake-up call that spending the time to secure yourself is not an option any more, it is a requirement if you want to protect yourself and your data.