By now, you’re well aware of the ransomware problem. But just in case you need a refresher, here are some facts that might put you on edge:
- Ransomware is still a huge problem
Cybersecurity Ventures forecasts that ransomware costs will reach $20 billion by 2021.
- Ransomware is evolving
Some of the newest ransomware doesn’t just lock up your data, it steals it. And a new ransomware targeting Mac computers even has built-in spyware to grab credit card numbers and passwords.
- MSPs are the new target
According to the U.S. Secret Service, there’s an increase in ransomware attacks targeting MSPs. Most attacks exploit vulnerabilities in remote monitoring and management (RMM) software.
It’s a little scary right? Fortunately, there are steps you can take to help you prevent ransomware or at least minimize its impact if you encounter it. Let’s take a look.
1. Train Your Users
Your users are your first line of defense, but yet they’re often the weakest link in your ransomware prevention plan. That’s why the Secret Service recommends proactively conducting regular cyber training for your end users. Teach them how to avoid ransomware by showing them what ransomware emails might look like. Let them know what to do if a ransomware message ends up on one of their devices. Once you’ve conducted training, you may even want to send fake phishing tests to users to see if your lessons stuck.
2. Patch Your Systems
Cybercriminals are targeting MSPs by exploiting vulnerabilities in RMM software, and, while vendors fix these vulnerabilities quickly, IT admins don’t always update their systems immediately. To avoid being exploited, update antivirus, firewalls, spam, and RMM software as often as needed.
3. Get Cybersecurity Insurance
Many insurance carriers now offer cybersecurity insurance. Policies vary but usually cover you if you lose data due to ransomware, a data breach, and some disasters. If your business stores sensitive data and you want a little extra peace of mind, be sure to check with your carrier to find a cybersecurity policy that meets your requirements.
4. Take Regular Backups
Taking regular backups helps you ensure that if ransomware does get into your system, you’ll still have a backup image that was taken before the system was infected. Be sure to take backups as often as needed based on your recovery objectives (we’ll get to these). It’s also wise to replicate your backups to another storage repository and to the cloud to ensure that you have sufficient data redundancy.
5. Set Recovery Objectives
Data loss might be scary, but downtime can be just as bad. As you plan your recovery strategy, there are two key metrics to consider. First, think about your recovery time objective. This helps you determine how fast you must recover. Ask yourself: how long can a system be down before it’s too much to bear? Second is your recovery point objective. These help you determine how often you should be taking backups so you don’t lose more data than you can tolerate. Ask yourself: how much data can we stand to lose? A few hours? A few days?
6. Pre-Configure Recoveries
With StorageCraft® ShadowXafe® and StorageCraft Cloud Services you can pre-configure a recovery locally or in the cloud. So if something goes wrong with a system or even a whole network—whether it’s ransomware or even Mother Nature—you can recover in seconds from a cloud-based console. This approach nearly eliminates downtime no matter what the cause.
7. Test, Test, Test
It’s easy to schedule backups and move on. But testing may be the difference between a successful recovery and a major downtime event. It’s wise to regularly test backups to ensure that they’re fully recoverable. Many IT admins will also run through test scenarios. These help them evaluate their ability to stop downtime following a variety of simulated events, including ransomware. Just remember that the more you test, the more prepared you’ll be when disaster strikes. You’ll also have peace of mind knowing you can recover your data when your team is counting on you.
Ransomware attacks will continue to increase. It’s up to you to remain vigilant and take every step you can to prevent it. There is no substitute for preparation, and it’s the surest way to shorten your time to recovery.
If you’re looking to minimize ransomware’s impact on your business, StorageCraft can help. Schedule your custom demo today.