It’s everywhere. It’s a very real threat in which no company is immune. The real cost of a breach is so much more than the 6-figure ransom, so here is our advice on how to prevent a security breach.
Simply having backups in place isn’t enough protection from a Ransomware attack.
We suggest following the “3-2-1 Rule” for backups:
Be sure to not use network shares for backups. Even though you may be following the “2” of the “3-2-1 Rule,” as the cryptovirus is encrypting files on a computer it looks for network shares to continue its mission. Two of the most recent Ransomware attacks we have remediated for customers was because the virus was able to penetrate their backup solution via a network share and fully encrypt their local backups as well. Use a native backup application protocol (or at least a block-based protocol) to move data to the backup solution.
The most effective way to prevent this creeping encryption is to ensure there is an “air gap” between your backup archival systems and the production data network. This is the “1” in “3-2-1.” Most backup solutions have a proprietary data transmission protocol to an offsite cloud that takes care of this need, or you can roll really old school and write to tape. Whatever method you use, get that data offsite. Regularly.
Finally, make sure you can fully restore your data. Several backup solutions enable a sandbox environment for you to test the viability of your backups before a critical event occurs. Test your backups on a quarterly basis.
If you’re unclear if your backup meets the “3-2-1 Rule,” your friendly neighborhood IT solutions provider (you guessed it… that would be us!) can perform a security assessment. Being proactive in identifying any security vulnerabilities is always better than learning the hard way.