Protect your Business against Ransomware

With Ransomware increasingly in the news, it is worth remembering the current advice on how best to protect our businesses against Ransomware and ensure these security procedures are in place and fully supported company-wide.

1. Run Software Updates

Are you ever tempted to skip software updates as they take up valuable time and perhaps seem less important? This could be a costly mistake that leaves the door open for hackers to access your private information, putting you at risk for identity theft, loss of money, credit, and more.

Many of the harmful malware attacks take advantage of software vulnerabilities in common applications, operating systems and browsers. These are big programs that require regular updates to keep your data and private information safe so, instead of delaying software updates, you should see those updates as one of the most essential steps you can take when it comes to protecting your information.

When possible, you should select auto-update for software on both your mobile devices and computers. For software that doesn’t update automatically, you will be prompted to manually approve and install the updates.

Also remember, before downloading any software, it is good advice to read informed reviews first to make sure it’s safe to install in the first place. Cybercriminals like to distribute fake applications which are designed to steal your information.

Our full network management service allows us to monitor and report on patch updates for multiple popular software vendors including Microsoft, Adobe, ESET anti-virus giving us an instant overview of your network update status.

2. Run Comprehensive Security Software

Protecting your computer from viruses has always been important but is now more vital than ever in today’s ever evolving technological age.

With many different antivirus packages out there, it can sometimes be tricky finding a reliable solution to suit your needs and budget.

We offer several antivirus software packages and would be only too happy to help advise on the best solution for you and your company.

3. Be Suspicious of Message Attachments

We have often written about the dangers of attachments and spoof emails and now get calls from customers asking for a second-opinion on suspicious mails – which is great news as it demonstrates users are becoming more vigilant.

Cybercriminals are always devising new techniques and devious ways to catch us out, however, so continue to be alert and err on the side of caution with any unusual messages.

Our recent article (available here) talks through some of the latest scams and reminds us of the tell-tale signs to spot in scam emails.

4. Take regular Backups

We have had an occasion where a client was caught out by a ransomware infection which encrypted data held on their server. Removing the infected PC and restoring from the backup was enough to get everything back to normal for them. We were operating from the comparative luxury of a backup system which we maintain and monitor assuring us of the integrity and availability of the data.

If you currently manage your own backup systems please do take the time to check, test and validate the system in place. You should feel confident that you have all the relevant data included and that you are familiar with the restore process should you need it.

This is often one of the areas we discuss when meeting a new client or evaluating a new network. We once took over a network where the director was meticulous when it came to switching tapes around each night. A quick check of the system (purportedly monitored by their previous IT company) revealed that the backup process had run once, manually, on the day of installation and had not run since over a period spanning years. On another network we identified a scheduled backup which was running each night but which, once we took over management and ran our regular test restores, allowed us to demonstrate how none of the tapes could be read from despite the backup job reporting that each had been written to.

Validating each backup process is as important as running it and, as a simple rule, we maintain that you can’t have too many backups but you can have too few! The most appropriate backup strategy in terms of medium, cost and frequency will vary across different organisations though simply putting your data in the cloud is not a reason to stop backing up.

At VCI, we have recently introduced a single backup solution which covers all backup stages. Where we have previously employed different tools and procedures to cover both quick on-site access to back up data alongside an off-site solution for disaster recovery, we can now offer a single appliance to manage both on-site and off-site backups along with total business continuity. Here’s the exciting part; if a mission critical server fails and cannot be restarted, our solution allows us to run up a virtual copy of the failed server on the appliance hardware and have everything up and running in minutes.

What if you lose an entire office along with backup appliance to something more substantial such as fire or theft? All is far from lost; the data is safely replicated in the cloud storage and the lost/failed server can even be run up virtually in the cloud and accessed to provide business continuity options in the absence of a physical office.

The multiple regular backups also add an even greater level of protection against ransomware. Where a nightly backup solution has us, at best, restoring data as things stood at close of the previous day, the appliance based solution has built-in intelligence to help spot the typical behaviour of a ransomware attack and allows us to roll data back to the last good backup which can be taken at regular intervals throughout the day.

We have worked with various backup tools and even business continuity failover solutions for years now but there has been nothing as comprehensive as this available in a single appliance at a price the small business budget can justify.

The safety and security of your business is our priority so if you are concerned about protecting your business against Ransomware, have further questions or would like to have a quick chat about any of the above, please do give us a call on 0118 976 7111.