Good advice James. One major thing I would like to add is that you should notify your IT Provider immediately when you start noticing that you're unable to open things like II. I've had a few offices call me weeks after Crypto had spread through their entire system.
Sometimes they are introduced by bringing an infected machine on the network.
Some other pieces of advice:
1) It's almost always introduced via email. Get a business class email with threat protection like Office 365.
2) Secure your file shares. Do not allow Everyone to see shared files. This is how machines that are added to the network attack.
3) If you use a NAS for backup, make that login separate from your domain and only accessible via the server. I know it seems like a good idea to join it to the domain but don't. At least not since Crypto became a major player.
4) Do not use your main computer/server as a client. Cryptolocker does not have the ability to access locally stored files like a backup drive attached to a server.
.png "ACUF Donor I")
