“Probably every one of our clients has had some kind of experience with ransomware,” said David Tidwell, Help Desk Supervisor at Rigidnet, a Texas based MSP and partner. “But, many don’t understand exactly how to protect against it.” Ransomware is a well-known problem, but a lot of businesses aren’t thinking proactively about it yet—especially smaller businesses. For example, many think about ransomware strictly as a security issue. But, that’s not entirely accurate. As ransomware is constantly evolving, it is important to make it clear to business owners that they need a secondary layer of protection to recover, if malware slips through the security cracks - which it often does.
Ransomware has made data backup, business continuity and security inseparable—each play an important role in protecting against ransomware. Business owners must understand that a proper business protection strategy requires a three-pronged approach, comprising education, security and backup.
Make sure your employees know about the rise in ransomware incidents and have tools and a strategy in place to educate your entire organization. For example, all current and new employees should have to go through some sort of basic cyber security training. During this training, provide specific visual examples of what a phishing email looks like, which is one of the leading causes of a ransomware infection. All employees should know how to spot a malicious email and know exactly what to do if they do encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.). This is an essential part of protecting your business against attacks and it should become a fundamental practice in any business today.
According to Slattery, who has had his share of ransomware infections in the past 2 years, “Given the speed of how rapid fire business works, it’s really hard to get people to slow down and think about what they are clicking on. Especially when ransomware social engineering is as good as it is.” Provide your employees with the ransomware statistics that matter most to them.
When it comes to defending systems against ransomware, antivirus software is essential for any business. Firewall and web filtering are also necessary in any good strategy. We recommend this type of multi-layered approach to protect against ransomware. Many small business owners already understand this, as well. What you may not realize is that these security measures are not foolproof.
Additionally, you must realize the importance of keeping all software patched and up-to-date in order to protect your business against newly identified threats. Finally, make sure you educate yourself and understand the need for an additional layer of business protection in the not-so-rare case that ransomware does make it through the front lines of your defense. Remember, even with these proactive security measures, breaches still occur. That is where a data backup and recovery solution like datto comes in.
Modern total data protection solutions, like datto, take snapshot-based, incremental backups as frequently as every five minutes to create a series of recovery points and allow businesses to run applications from backup copies of virtual machines. While you may not care or understand that sort of technical deep dive the way that we would, what you should care about is the benefits (and peace of mind!) a solution like the one datto can deliver. Focus on the benefits of datto rather than the features and innovation of the technology.
When it comes to the threat of ransomware, the benefits of a data protection solution such as datto are three-fold:
1. Your business will never need to pay hackers ransom to get critical data back.
2. Your business will avoid data loss - from ransomware or other - since backups are taken frequently and can be restored quickly.
3. Your business will not experience significant downtime (since users can access critical data and applications while primary systems are being restored).
“When it comes to disaster recovery these days, the biggest worry is someone on staff opening an infected document, not a hurricane,” said Slattery. “It’s become a cornerstone of the discussion about business continuity and disaster recovery (BCDR). Historically, a lot of business owners didn’t think about this stuff, but that’s changing. Ransomware is a big part of that change. People are starting to recognize the threat.”
This is largely because there have been a number of high profile examples of ransomware in the news, including a recent attack on a California hospital in which cyber extortionists reeled in a ransom of $17,000. This is obviously an extremely high ransom, but it illustrates the need for protection, so it might be a good place to start when it comes to discussions about cyber extortion.
Both Tidwell and Slattery sell datto alongside additional, less expensive backup options. They both said that they recommend datto because it allows businesses to get back online faster than the other backup tools they offer. “It’s a very easy conversation when you put it in the right context,” said Slattery. “Make sure they understand that downtime equals lost revenue, and if they are concerned about the price, compare revenue lost to the cost of the solution.”
Slattery went on to say that, it’s important not to push businesses to go with a more expensive solution without a clear explanation. “It’s like: ‘look, I can have you up in minutes rather than all the time it will take with a cheaper solution which means more revenue lost,’” he said. “It’s not about pressuring them, but you have to make them aware of the realities of each solution, so they can make the best decision for their needs.”
Thank you for joining on this series on NATURAL DISASTER SURVIVAL GUIDE FOR BUSINESSES Part 3. If you would like more information on Data Backup and Disaster Recovery, download your Free Business Advisory Guide Here.
Don’t worry about some sales guy calling you from our office because you downloaded information off of our website. No one from our office will call you; I promise. We don’t like sales calls any more than you do! We understand if you’re not ready to do that, and if that’s the case, then just read these posts when they come out. We post on a regular schedule.
If you would like to chat about this, or anything call us at 503.359.1275
Dedicated to your success,
dts|infotech . . . computer networks that work