Regularly make a backup of your data. The backup should be stored offline, i.e. on an external medium such as an external hard drive. Make sure that the medium on which the backup is saved is disconnected from the computer as soon as the backup procedure is complete. Otherwise, the data on the backup medium might also be encrypted and rendered unusable in the event of a ransomware attack.
Provide employees with training on how to deal with email.
You can further strengthen your IT infrastructure's protection against malware (such as ransomware) by using Windows AppLocker, which allows you to define which programs can be run on the computers in your company.
Block the receipt of dangerous email attachments on your email gateway. A more detailed and updated list can be found on the GovCERT website at: https://www.govcert.ch/downloads/blocked-filetypes.txt
Make sure that dangerous email attachments like these are also blocked if they are sent to recipients in your company in archive files such as ZIP and RAR, or even in encrypted archive files (e.g. in a password-protected ZIP file).
In addition, all email attachments containing macros (e.g. Word, Excel or PowerPoint attachments that contain macros) should be blocked.
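The archive and macro checks from the last two recommendations can be sketched as a gateway-side filter. This is an added example, not GovCERT's code: the extension set is a short sample standing in for the linked list, the function names and limits are hypothetical, and it handles ZIP containers only.

```python
import io
import zipfile

# Assumption: sample extensions only; the authoritative list is the GovCERT file linked above.
BLOCKED_EXT = {".exe", ".js", ".scr", ".vbs", ".jar", ".bat"}
MAX_DEPTH = 3                  # hypothetical limit on nested archives
MAX_MEMBER_BYTES = 10_000_000  # hypothetical; larger members are checked by name only


def ext_of(name):
    base = name.rsplit("/", 1)[-1].lower()
    return "." + base.rsplit(".", 1)[-1] if "." in base else ""


def inspect_attachment(name, data, depth=0):
    """Return the reasons to block an attachment (empty list: none found)."""
    reasons = []
    if ext_of(name) in BLOCKED_EXT:
        reasons.append(f"blocked extension: {name}")
    if data is None or not zipfile.is_zipfile(io.BytesIO(data)):
        return reasons
    if depth >= MAX_DEPTH:
        return reasons + [f"archive nested too deeply: {name}"]
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Office Open XML files are ZIP containers; VBA macros sit in vbaProject.bin.
            if info.filename.lower().endswith("vbaproject.bin"):
                reasons.append(f"macro project in: {name}")
                continue
            # Flag bit 0 marks a password-protected member: with traditional ZIP
            # encryption its content is unreadable but its name is still listed.
            unreadable = info.flag_bits & 0x1 or info.file_size > MAX_MEMBER_BYTES
            body = None if unreadable else zf.read(info)
            reasons += inspect_attachment(info.filename, body, depth + 1)
    return reasons


def make_zip(members):
    """Build a constructed sample ZIP in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, body in members.items():
            zf.writestr(member, body)
    return buf.getvalue()


if __name__ == "__main__":
    inner = make_zip({"docs/invoice.js": b"// constructed sample"})
    print(inspect_attachment("scan.zip", make_zip({"inner.zip": inner, "note.txt": b"hi"})))
    print(inspect_attachment("report.docx", make_zip({"word/vbaProject.bin": b"\x00"})))
```

RAR archives and the legacy binary Office formats (.doc, .xls, .ppt) are not ZIP containers and need their own parsers before the same checks can be applied.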