Attacks on company networks and infrastructure are increasing every year, and the most popular weapon right now is through ransomware. Antivirus software used to be enough to protect your computer, but with hackers targeting the intrinsic value of company data, you need a new defensive plan to ensure that your data stays safe.
Antivirus still has a role on the end-user computer, but only when combined with an integrated protection platform. These solutions come with antivirus, antimalware and intelligent scanning. The intelligence aspect of the protection means it is in real-time communication with an application signature database. These databases provide instant updates against pandemic computer viruses and cyber attacks, and they get the required updates out to the end user in a timely manner, thus preventing the spread of the infection.
Ransomware infects most end-user machines because of human intervention, which will usually come in the form of Phishing. Phishing occurs when a non-legit email is sent to someone within an organization, with the email crafted to look like a personalized message. The end user then clicks on an attachment, which then delivers the viral payload. The next time the computer reboots, or at some point thereafter, the ransomware will install itself on the computer. Then, the computer locks up and gives the typical warning message, demanding ransom.
This attack vector is the most common way for a computer to become infected, and it is successful time and time again. Delivering a security awareness program on an annual or semi-annual basis that emphasizes these attack vectors and educates users on how to deal with them will have a long-term impact in keeping data safe.
Local and Cloud
Backing up data is an absolute must in any organization. The only real way to protect against ransomware is to ensure the data is backed up regularly and stored securely.
To establish a backup schedule you need to identify the value of the data, or else know how critical it is to the operation of the business. Once you know the value, you can build a backup schedule around it. The most critical data should be backed up multiple times per day, whereas personal folders could be backed up once a week or longer, depending on the company preference.
Backing up data protects its availability, but the integrity is also a crucial component. In this case, you need to have a redundant backup storage solution. A locally attached external hard drive is a start, and it allows you to swap out backups easily, keeping one stored offsite. The challenge is that ransomware seeks out locally attached drives and encrypts them as well. To truly have secure backups you also need to maintain a cloud backup of the data.
If you have a cloud backup of your data, you need to be careful of when you schedule your backups. Depending on the time of day and the type of backup, it may eat all of the available network bandwidth and impact productivity. It’s best to do incremental backups, or backups that scan only for changes, during the daytime, and to reserve full backups for the evening or off-production hours.
With awareness and a redundant backup infrastructure, all combined with front line endpoint protection, you are setting yourself up well to withstand a ransomware infection.