By now, you’re well aware of the ransomware problem. But just in case you need a refresher, here are some facts that might put you on edge:
- Ransomware is evolvingSome of the newest ransomware doesn’t just lock up your data, it steals it. And a new ransomware targeting Mac computers even has built-in spyware to grab credit card numbers and passwords.
- MSPs are the new targetAccording to the U.S. Secret Service, there’s an increase in ransomware attacks targeting MSPs. Most attacks exploit vulnerabilities in remote monitoring and management (RMM) software.
1. Train Your UsersYour users are your first line of defense, but yet they’re often the weakest link in your ransomware prevention plan. That’s why the Secret Service recommends proactively conducting regular cyber training for your end users. Teach them how to avoid ransomware by showing them what ransomware emails might look like. Let them know what to do if a ransomware message ends up on one of their devices. Once you’ve conducted training, you may even want to send fake phishing tests to users to see if your lessons stuck.
2. Patch Your SystemsCybercriminals are targeting MSPs by exploiting vulnerabilities in RMM software, and, while vendors fix these vulnerabilities quickly, IT admins don’t always update their systems immediately. To avoid being exploited, update antivirus, firewalls, spam, and RMM software as often as needed.
3. Get Cybersecurity InsuranceMany insurance carriers now offer cybersecurity insurance. Policies vary but usually cover you if you lose data due to ransomware, a data breach, and some disasters. If your business stores sensitive data and you want a little extra peace of mind, be sure to check with your carrier to find a cybersecurity policy that meets your requirements.
4. Take Regular BackupsTaking regular backups helps you ensure that if ransomware does get into your system, you’ll still have a backup image that was taken before the system was infected. Be sure to take backups as often as needed based on your recovery objectives (we’ll get to these). It’s also wise to replicate your backups to another storage repository and to the cloud to ensure that you have sufficient data redundancy.
5. Set Recovery ObjectivesData loss might be scary, but downtime can be just as bad. As you plan your recovery strategy, there are two key metrics to consider. First, think about your recovery time objective. This helps you determine how fast you must recover. Ask yourself: how long can a system be down before it’s too much to bear? Second is your recovery point objective. These help you determine how often you should be taking backups so you don’t lose more data than you can tolerate. Ask yourself: how much data can we stand to lose? A few hours? A few days?
6. Pre-Configure RecoveriesWith StorageCraft® ShadowXafe® and StorageCraft Cloud Services you can pre-configure a recovery locally or in the cloud. So if something goes wrong with a system or even a whole network—whether it’s ransomware or even Mother Nature—you can recover in seconds from a cloud-based console. This approach nearly eliminates downtime no matter what the cause.
7. Test, Test, TestIt’s easy to schedule backups and move on. But testing may be the difference between a successful recovery and a major downtime event. It’s wise to regularly test backups to ensure that they’re fully recoverable. Many IT admins will also run through test scenarios. These help them evaluate their ability to stop downtime following a variety of simulated events, including ransomware. Just remember that the more you test, the more prepared you’ll be when disaster strikes. You’ll also have peace of mind knowing you can recover your data when your team is counting on you.
Final ThoughtsRansomware attacks will continue to increase. It’s up to you to remain vigilant and take every step you can to prevent it. There is no substitute for preparation, and it’s the surest way to shorten your time to recovery. If you’re looking to minimize ransomware’s impact on your business, StorageCraft can help. Schedule your custom demo today.
You May Also Like
- Compliance Data Management Data Protection Data Resilience Data Storage
Is Your Business in Compliance With Global Data Sovereignty Requirements?March 29th, 2023
CRN Names Arcserve Cloud 100 Company for 2023March 28th, 2023
- Backup and Disaster Recovery Channel: MSPs / VARs / SIs Compliance Cybersecurity Data Protection Ransomware
DCIG Offers “Safe Assumptions” About Microsoft 365 SaaS Backup: How Arcserve Stacks UpMarch 23rd, 2023