Ransomware is a single word for a big, diverse problem. It isn’t just one program like WannaCry or GoldenEye, or Petya, it’s all hacker-borne viruses that have ever been or ever will be designed. One really good firewall and anti-virus setup won’t protect you forever because if history has taught us anything it’s that hackers won’t quit it. They will continue to look for loopholes, backdoors, and brute force attacks to invade your computer system and ruin your day. The good news is that even in a worst-case scenario where these malicious programs get into your company system and encrypt every important business file you possess, with the right preparation you can quickly and easily thumb your nose at the low-life hacker with a completely ransomware-proof plan.
It’s all About the Backups
Yes, in an ideal world we’d be talking about nothing but malware detection, email scanning, and firewalls and don’t get us wrong, these things are important. However, these things are like washing your hands before eating supper. It will reduce the number of ‘germs’ you are exposed to, but it won’t elimate your exposure completely. A comprehensive ransomware, and indeed any malware plan may start with firewalls but it always ends in backups. Why? Because with the right backups, you can recover from anything, even a full-encryption ransom attack.
1) Create a Complete Backup of Each Machine
Ransomware has to have an entry point, and this is usually a personal computer. These days it can also be a mobile or IoT device and the importance of recovering data on these devices should be considered when planning for backups. When ransomware strikes, it encrypts every file on the computer and then uses files from the program to project the ransom message and interface. While you could mess with the hackers, your best bet is simply to wipe the computer to factory settings and re-install everything you need.
Of course, doing this manually could take hours if not days so what you need is a total backup complete with software installs and configuration settings as well as the basic file system. This kind of backup takes more space to store but it also allows you to cut off a hack at the start and get the system back to safe working conditions in a matter of minutes rather than days. This method is especially useful if you have a floor worth of computers that share a similar if not identical configuration.
2) Save Your Data on the Cloud
In general, ransomware can only attack files stored locally on infected computers and networks. This means that while they may be able to reach out to remote servers you are actively connected to, if you save your business data through a cloud storage service or, better yet, through third-party SaaS servers for the platforms you use, the ransomware won’t be able to corrupt it. To harden your defenses and protect sensitive company and client information, make sure that important data isn’t stored on a local system, even in the Temp folder. This way, hackers will neither be able to breach your security and leak information or deny you access through encryption or local deletion.
Paired with the complete computer backup, a cloud data storage system means that after a localized attack, you can recover the compromised system up to the point where it is immediately compatible with your cloud platform again, putting the workstation back into use quickly.
Believe it or not, the setup is the most complicated part of establishing a ransomware-proof business plan. In fact, it’s only the first half of the article. Join us next time as we cover points three through six from your infrastructure backup to your restoration plan. For more tips and advice on best backup practices, contact us today!