The Best Way to Protect Yourself from Ransomware
Are you concerned about your company getting hacked?
How often do you back up your data?
You’ve read about it in the news: big companies and government agencies get hacked with ransomware, are down for days, and have to pay an exorbitant ransom to get their data back. Don’t let this happen to you.
I’m going to let you in on a little secret. The best way to protect yourself from ransomware is… with backups! I know it sounds simple, but stick with me here. It’s more complicated than it sounds.
Yes – you should have business class antivirus software.
Yes – you should have a business class firewall.
Yes – you should have a maintenance and monitoring plan in place to keep all of your systems up to date with security patches.
Yes – you should be training your users to be cautious and not just click on attachments and links in random emails.
Yes – you should have strong passwords and multi-factor authentication enabled.
All of that stuff is important, but none of it is foolproof. Antivirus and firewalls can only protect you from known threats. Same with system updates. It’s critically important to keep your systems patched and up to date with the latest security updates, but even so, new threats are discovered each and every day.
Even with all of your precautions, it’s possible that some hacker/scammer somewhere will trick someone into clicking on something and then… Bam! You’re infected.
It would absolutely be better to not get infected in the first place, but there are no guarantees, so your last line of defense is good backups and a disaster recovery plan.
In terms of backups, you will want a reliable and comprehensive backup plan that meets the following requirements:
- Identify all important data, and ensure it is stored in approved places that are included in your backups (e.g. shared network drive) as opposed to in your local “my documents” folder.
- Business class backup software such as Veeam or Acronis that can make full system images, perform incremental backups, offer encryption, and feature granular restore capability (ability to restore the whole system or individual files).
- Local backups are stored on a separate network storage device that only your backup software knows about. External drives plugged into your server or mapped network drives are just as likely to be encrypted as your server itself.
- Off-site backups. Make sure you have off-site backup capability, either to removable media that is regularly swapped and taken off-site, or cloud storage.
- Off-line backups. Sure, cloud backups are great and provide off-site capability. But by definition, cloud backups mean “on-line,” and there is at least some possibility that anything that is online can be discovered and hacked. Off-line backups (such as removable media that has been physically disconnected) cannot be hacked because they are physically unplugged and off-line. This will save your day if all of your other backups get encrypted.
- Make sure your IT support is competent and has experience backing up and restoring customer systems and data. How does it work? How long will it take? Have you ever had to do it before?
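The technical items in the checklist above can be checked automatically against a backup inventory. The following is an added example, not part of the original article or of any backup product; the inventory fields, paths and device names are assumptions made up for illustration.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath


@dataclass
class BackupCopy:
    name: str
    offsite: bool        # stored away from the office (swapped media or cloud)
    offline: bool        # physically disconnected when not in use
    host_mounted: bool   # external drive or mapped drive visible to the server


def covered(data_path, sources):
    """True if data_path is one of the backup sources or sits beneath one."""
    p = PureWindowsPath(data_path)  # Windows path rules: case-insensitive match
    return any(PureWindowsPath(s) == p or PureWindowsPath(s) in p.parents
               for s in sources)


def audit(important_data, sources, copies):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for path in important_data:
        if not covered(path, sources):
            findings.append(f"not in any backup: {path}")
    for c in copies:
        # An off-line copy is only attached while it is being written, so
        # the exposure check applies to copies that stay connected.
        if c.host_mounted and not c.offline:
            findings.append(f"reachable from the server: {c.name}")
    if not any(c.offsite for c in copies):
        findings.append("no off-site copy")
    if not any(c.offline for c in copies):
        findings.append("no off-line copy")
    return findings


# Constructed sample inventory (hypothetical paths and device names).
DATA = [r"D:\Shares\Finance", r"C:\Users\pat\Documents\Quotes"]
SOURCES = [r"D:\Shares"]
COPIES = [
    BackupCopy("usb-drive-on-server", offsite=False, offline=False, host_mounted=True),
    BackupCopy("cloud-bucket", offsite=True, offline=False, host_mounted=False),
]

if __name__ == "__main__":
    for finding in audit(DATA, SOURCES, COPIES):
        print("FAIL:", finding)
```

In the sample inventory the cloud copy satisfies the off-site item, but the plan still fails on a local documents folder outside the backup set, a permanently attached USB drive, and the absence of any off-line copy.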
If you miss even one of these, you are setting yourself up for a bad day. But don’t despair – NSG can help. If you aren’t 100% confident that you are fully protected, please reach out and let us know. We’d be happy to review and discuss and come up with a plan to keep you safe and your data secure.
Not all IT support companies are created equal. Over the years I’ve interviewed dozens and dozens of IT guys and I always ask people about backups. I’m sorry to say that most IT guys don’t have much experience with backups and disaster recovery. Make sure the people you work with do or you’ll be the one left holding the bag.