Ransomware will either encrypt the data on a device and demand a ransom to descramble it, or it will lock up systems rendering the entire device inoperable. In both cases, the effect can be huge, possibly bringing organisations to a grinding halt.
How can you avoid protect yourself against ransomware? It is an urgent question as organisations face a clear and present danger.
Protect yourself: Protection begins at the endpoint, with proper patching. In the interim, one can take advantage of ‘micro-patching’ systems that protect software applications without making changes to the binaries. However, for true protection one should adopt multi-layered (defence-in-depth) protection. Implemented properly this will secure the data even if endpoint or server anti-ransomware protection fails.
Cloud-based backup: Cloud-based backup is a potential solution, providing regular backups online to something other than network drives. Its advantages include the ability to program high-frequency snapshots, so that you can maintain a narrow recovery point objective should you need to restore after a ransomware attack. It can also be far easier to test a cloud-based backup solution than it is to test restoration from removable storage, because the cloud-based data will be available online.
Organize your files: Once you have established a solid backup workflow, it is time to establish your need-to-restore list. Look at how you are organising and tagging individual files, perhaps related to business processes or sensitivity. In assisting you here, a file tagging system, along with a complementary file discovery tool to gather and categorise your existing files, comes helpful. Finally, use a robust monitoring solution to ensure that the new file management regime you have put in place stays in place.
Ransomware is getting nastier, and more pervasive. So you have to get smarter, and more resilient. By putting multi-layered defences in now, you will save yourself some serious headaches in the future.