How to achieve ransomware protection in 3 steps
Is ransomware protection really possible?
Many say ransomware protection isn’t possible. However, we politely disagree. While ransomware prevention is still an allusive dream, protection and prevention are not synonymous. It is very possible to protect a business from ransomware and keep it operational, even in the event of an attack. Just follow these three steps.
- Invest in Network Security. Okay, this is obvious, but it is an important foundation to achieving ransomware protection. A current antivirus software, along with a good firewall and web filtering will go a long way in protecting a business from the lion-share of threats. That said, it is very important to note it is JUST step one and does not work in isolation. That’s because, while there may only be a few dominant families of ransomware today, those families have relatives. And those relatives have some more relatives, making it extremely hard to detect and avoid all threats. What’s more, It is expected that new types of ransomware will continue to surface as time goes on. Cyber extortionists are constantly modifying ransomware code to evade detection by the most common defense technologies, such as security software.
- Education is the name of the game. Educate yourself, and then educate your staff. Make sure this is an ongoing process. For starters, know the trends. This year, we’ve witnessed a surge in “polymorphic” malware, which is a variant that changes automatically as if to appear as unique to different endpoints. This is a major issue, because traditional security software often fails to discover singular variants. Many variants also threaten that the ransom will exponentially increase if it not paid within a 72 hour window. Make sure you know how ransomware is being spread. Email is still the most common method for distributing ransomware. It is generally spread using some form of social engineering–meaning victims are tricked into downloading an e-mail attachment or clicking a link. In other cases, hackers install code on a legitimate website that redirects computer users to an alternative and malicious site. Unlike the SPAM email method, this approach requires no additional actions from the victim. Once you’ve done your homework, make sure that you share the information with your staff. Again, on a regular basis. This helps to ensure they are also aware of the latest threats as well as keeps their role in cybersecurity top of mind. Employees need to be trained on both what ransomware looks like as well as what to if it is detected or enabled. Be very specific. Bring examples for them to review or create a safe test environment for them to experience on their devices. Let them know what to do or not do if they suspect ransomware. For example, do NOT click any links, do NOT open an attachment, do NOT engage or pay any ransom, but DO warn others of your findings. You know what they say, it only takes one click. . .Thorough education will go a long way in protecting a business against cyberthreats, like ransomware.
- Back up your data like a boss. Not all data backup is the same. This is a very important point and one that will make or break your ransomware protection plan. Look for a total data protection solution that takes frequent, snapshot-based, incremental backups. This will allow your business to recover quickly, running applications from backup copies of virtual machines, if needed. Datto’s SIRIS 3 model also comes with a new ransomware protection feature. It’s cool because the device will actively monitor backups and notify you when a ransomware attack is detected. When it comes to the threat of ransomware, there are 3 huge benefits to having a modern data protection solution, like Datto: 1. Your business will never need to pay hackers ransom to get critical data back. 2. Your business will avoid data loss since backups are taken frequently and can be restored quickly. Your business won’t experience significant downtime.
And, there you have it: three steps to achieving ransomware prevention for your business. Make the effort, take the time and protect your business. You’ll be glad you did.