Ransomware is an ongoing risk, and you can’t rely on your antivirus to protect you. It won’t. Just ask the victims of WannaCry, and the subsequent waves of ransomware. Antivirus isn’t enough to stop ransomware.
Ransomware comes through the network on different channels, that are often easy exploits for criminals. That could be your unsuspecting employee clicking on an attachment that seems legitimate, your CEO clicking on a link or your software not being up to date and leaving a gaping hole in your security (which is what happened in the WannaCry attack).
If your company doesn’t have proper backups, you are left with the choice to pay ransom or lose your data. With the ransomware being used today, it would take experts 22 years to decrypt files using the most sophisticated software available.
Wannacry demonstrated that attacks like this can come completely unexpectedly. We believe in an affordable, multipronged approach to protection. Any of these three components can reduce your risk but together they secure your network from the evolving ransomware threats.
Educate your staff
Your staff are often the weakest link in the chain. We send test emails to users to safely simulate the emails that ransomware gets through on. When your staff clicks on a link or downloads the file, they are alerted and directed to training. Four times a year, you get reports on the tests to see how your security is improving and where issues might still be.
Proactive approach to security
Security involves several layers. The outer layers, intercept suspicious attachments or emails and can prevent ransomware from reaching the user. Endpoint security protects devices once malware is detected, keeping it from spreading too far. For situations like WannaCry, we stay on top of the rapidly evolving situation and deploy any countermeasures available, like turning off the SMB service in Windows.
Keep software up to date
WannaCry exploited the fact that many companies don’t automatically update security patches, and many were continuing to use Microsoft operating systems that are no long supported, such as Windows XP. We automatically install patches so clients don’t need to worry about them, and advise clients when their software is end-of-life, to maximize their protection.
Use image-based backups
If data is not backed up, you either must pay the ransom or say goodbye to the data. Some companies have backups but find out all too late that they were inadequate. Many backups are set to backup too infrequently, costing hours or days of data loss to an attack. We use image-based backups and test frequently to ensure that when the time comes, they’ve done their job.
Check your vulnerability
We offer complete vulnerability assessments to see what your company needs to protect against ransomware. The assessment is a cost-conscious way to look at your ransomware risk from every angle and help you prioritize your protection smartly.