Protect Your Organization Against Ransomware Attacks in Three Easy Steps
It happened. Over the last few years, security experts and technologists alike have been talking about the potential impact of a global ransomware attack, and on a Friday morning, starting in the UK and rippling across Europe and Asia Pacific, more than 200,000 computers in 150 countries were compromised.
As organizations assess the overall impact, and IT teams and administrators scramble to ensure no vulnerabilities remain, the importance of preparing for a ransomware attack has never been more vital; it is no longer a question of if it will happen but when.
Fastest Growing Cyber Threat
More than 4,000 ransomware attacks have occurred daily since January 2016 — a 300% increase from 2015. According to the FBI, WannaCry malware was not stoppable by antivirus software scans, and was engineered to take advantage of a Microsoft vulnerability. Although Microsoft released a patch in March to address this vulnerability, and then released a second patch on May 13th to stop WannaCry, this patch, unfortunately, was not applied by many Microsoft customers.
Dry Your Tears
So how do companies mitigate the risk of ransomware attacks in their organizations? We believe that a consistent and multi-layer approach that involves software vendors, customers, ops, processes and security is critical.
After the WannaCry attack hit, Microsoft President and Chief Legal Officer, Brad Smith spoke to the importance of, “a shared responsibility between tech companies and customers to provide security.”
Here are a few ways to get started.
Protection Against Ransomware in Three Easy Steps
Implementing a strategy to help protect your organization against malware attacks is not as daunting as it may first seem. The following steps speak to the relationship between software vendor and customer, and lay out steps the customer can take to protect themselves.
- Practice good security hygiene. Implement a centralized patch management system, for example and ensure that your anti-malware and antivirus software is always up to date.
- Enable strong SPAM filters to prevent phishing emails from reaching end users and authenticate inbound email using technologies such as Sender Policy FrameWorks (SPF), Domain Message Authentication Reporting and Conformance (DMARC) and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
- Implement a secure and trusted data backup and restore solution that ensures your data is safe and intact and allows you to quickly restore some or all of your data from a previous point in time.
Implementing a backup system is a critical step in your data protection planning since it ensures you are well prepared to quickly recover from data loss—not just from ransomware attacks but also from other malicious attacks, end user errors, and configuration or sync errors.
Having a granular, complete and trusted backup service in place protects you in two ways: First, your data is safe and can be restored from any point in time, easily by your IT admin. Second, you won’t have to consider paying ransom to hackers, as you still have access to an unencrypted version of your data.
Your organization probably already has anti-malware solutions running, and other data protection measures in place. But are you using a backup and recovery solution for your cloud-based SaaS applications? And if so, does it allow you to go back to a certain point in time?
As our CEO Jeff Erramouspe says, “This recent ransomware attack is why you protect your data with backup and restore solution. And I mean all your data no matter where it sits.”
Cloud-to-Cloud and SaaS backup solutions such as Spanning Backup provide leading backup products for Office 365, G Suite, and Salesforce, and can be implemented in a matter of minutes.
So dry your tears, and start today. There’s no time to waste.Download our 3-step Guide to SaaS Data Protection