What you need to know about effective protection from ransomware
Ransomware is one of the worst forms of malware currently in existence. The good news, however, is that effective protection should keep you safe from most of it. What’s more effective preparation should save you from the worst consequences of any ransomware attacks which do make it past your defenses.
Protecting your data from ransomware
Your Plan A should always be to stop ransomware from entering your system in the first place. You do, however, need a Plan B for protecting your data in case your Plan A fails. Your Plan B should address the potential for data theft as well as the potential for loss of access to your data.
Ransomware and data theft
Ransomware itself does not steal data. If, however, someone can get past your perimeter to plant ransomware, they can steal your data while they’re about it. There is a growing trend of ransomware attacks being partnered with data theft since this effectively gives cyberattackers two kicks at the can. Even if you pay the ransom, they can sell your data to boost their profits. If you don’t pay the ransom, they can sell your data to compensate for their time (or expose it on the internet to embarrass you).
The way to protect against this is to make sure that you encrypt any data you need to keep private. As a bare minimum, you need to encrypt any personally identifiable data you hold. This includes data you collect from your own employees. Personally identifiable data is usually subject to legal/regulatory protection. This basically means that if it is stolen, then you could be looking at expensive lawsuits, as well as a lot of bad publicity.
Ransomware and data loss
The only guaranteed way to recover from an encryption ransomware attack (without paying the ransom) is to restore from an infection-free data backup. This creates a bit of a conundrum. On the one hand, IT departments tend to prefer to back up data as frequently as possible to minimize the amount of data that can be lost if there is an issue with the main system. On the other hand, the more frequently you back up data, the harder it is to scan it thoroughly for any signs that something is amiss.
One, pragmatic, way to resolve this dilemma is to use regular, automated backups for your local system but make sure to scan data thoroughly before putting it into your off-site backup. This will slow down the process and thus almost certainly lengthen your RTOs and RPOs. It will, however, help to ensure that your data stays clean. Even so, it’s best if you can keep data backups from different time points, just in case some slow-acting ransomware slips past your scanners.
Preventing ransomware attacks
As previously mentioned, your Plan A should always be to stop ransomware from getting into your system in the first place. The good news is that a lot of ransomware simply takes advantage of known vulnerabilities. This means that just keeping your operating systems and applications regularly updated is enough to protect you from a fair percentage of what’s currently out there.
For more sophisticated ransomware, however, you need a robust anti-malware product, from a reputable cybersecurity company. For most companies and individuals, the most practical approach is to go for a cloud-based, all-in-one solution. This will give you a complete cybersecurity system ready to go from the moment you purchase it. All the different functions will work with each other without needing to be configured to do so and the vendor will take care of all updates.
In addition to investing in effective automated defenses, it’s strongly recommended to have robust policies regarding the use of the company network, especially email and the internet connection. What this will mean in practice will depend on your working style.
For example, at some companies, it may be possible to restrict the use of the company’s email and internet to an agreed list of contacts and trusted websites. Many companies, however, are going to have at least some employees who need access to the wider internet for research purposes. In fact, it’s increasingly common for employees to need access to social media platforms for legitimate work purposes. The more employees use the internet over the company’s connection, the more they need to be trained on its dangers, and how to avoid them.
Many companies will also need to think about the needs of remote and mobile workers. These will both need a safe way to connect to the company network (typically a VPN) and the latter may also need safe facilities to charge their electronics.
Please click here now to start your free 30-day trial of Comodo AEP.