Every year, more organizations are dealing with ransomware. In 2019 several local governments in Texas reported attacks on their computer systems.

But it’s not just city hall and big corporations being targeted anymore. Malicious actors can shut down your real estate business by encrypting your files and demanding lots of money to restore them. They can also delete your files.

“Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services,” according to a ransomware guide co-written by the Cybersecurity and Infrastructure Security Agency (CISA).

Follow these tips, adapted from the guide, to protect yourself:

Keep offline and encrypted backups of your data. Back up your data regularly. Many programs let you encrypt your backups. Store your backup offline where hackers cannot access it. Create more than one backup just in case.

Keep software and operating systems up to date. Don’t delay that software update. Technology companies like Microsoft and Apple frequently discover and patch security issues. If you are not using the latest version of software and operating systems, you could leave yourself open to a newly discovered vulnerability.

Learn to spot phishing scams. Don’t open the door to hackers by clicking on a malicious link or file. Be suspicious of unusual email addresses, and do not open emails you think may be fraudulent. If you aren’t sure if a message is safe, contact the sender to confirm the message before clicking any links or opening files.

Avoid suspicious websites. Think twice before visiting websites that do not look legitimate. They could infect your computer with ransomware. Examples include sites with misspelled URLs or unusual domain names, or a link with a shortened URL intended to hide its actual address.

Use strong passwords. One of the most basic and important ways to keep your information safe is to use unique, secure passwords. Change them regularly. Change default passwords. Use a password manager to keep track of them all.

Train your agents and employees. Make sure everyone is informed on cybersecurity threats. There are many free training videos online. Require anyone who uses your computer systems to complete training in this area.

Make sure third parties are staying safe. If you or your company works with a vendor on data storage or processing important information, make sure that vendor is implementing best practices.

Install and use protective software. Antivirus programs and firewalls can help protect you by identifying malicious websites or warning you of potential dangers. Spam filters can divert risky emails before they ever reach you.

Ask IT. Your organization’s IT department can answer any additional questions you may have. The department may have already set up protections behind the scenes.

To learn more, read CISA’s guide at cisa.gov/publication/ransomware-guide.