Guarding Against Ransomware: Some Essentials

The objective of ransomware is simple: using invasive encryption to extort money by holding an organization’s network and data hostage. But ransomware technology is far from simple, and it can inflict severe damage on businesses and institutions of any size.

Your best strategy?

Be sure that your network is well-protected before the vandals have broken down your gates. 
If they strike before you’ve hardened your defenses, you can take steps to minimize the damage while you make repairs.  

• Don’t pay the ransom. If you do, the crooks have no incentive to let you off the hook. You have shown that you will give in to threats, so you can expect more demands, with no guarantee of a good outcome. Even if the hackers are satisfied with one payment, they can attack again. 
• If you can, find out which strain of ransomware you’re up against. Hackers work constantly to counter the latest safeguards, so it’s worth the effort to find accurate information about your particular intrusion.
• Isolate the infected systems. Removing the infected machine(s) from your network may leave you temporarily hobbled, but the threat will be contained and you can get to work on removing the malware.

To prevent attacks, take decisive measures to protect your network and your data. If you have anti-malware defenses installed, you may want to check them for vulnerabilities.

• If yours is a small business, set up a scale-appropriate data protection process.
• Whatever your organization’s size, create a disaster plan.  
• Be sure that your security solutions cover every aspect of your network and workstations. 
• Look at potential single points of failure. 
• Guard against endpoint penetration. 

The proliferation of network-integrated smartphones and tablets provides convenient back-door entry opportunities for hackers. Endpoint devices may not be as well-protected as their vendors claim.

Ransomware usually enters a network through innocent-seeming emails, so your users and employees should be part of your defense process.

• Take steps to make your web browsers safe.
• Educate your users and employees about malware and what can be done to block threats.
• Be careful in granting users access to vulnerable areas. If an infection strikes a user’s workstation, it may penetrate network areas that the user has permission to enter. 

Take advantage of powerful defensive tools. 

• Protect your email. Conventional password protection is not enough. 
• Malware can invade your network invisibly via email, but a solid authentication system makes it easier to see.  
• Back up the data on all your servers and workstations using the strongest and most reliable tools. If you don’t already have well-protected backup software in place, be sure to routinely copy your data to removable storage.
• The key to lowering hacker-driven downtime is DRaaS
• Look at best practices that promote redundancy
• Cloud backup is the key component of effective data protection.   
• But be aware that cloud backup systems are not alike. If you have cloud backup in place, it may be time to reevaluate it.

These are some of the basics. To discuss best practices that promote redundancy and protection of your company’s infrastructure call us 1.877.834.3684, email us at info@renovodata.com or reference our site at www.renovodata.com

Please follow our company page on LinkedIn to get the latest information and news on Data Protection and Disaster Recovery.