Protect your business from ransomware attacks with regular data backups.

Welcome back to the second half of our two-part article about how to completely harden your company against the threats of ransomware. The entire reason why ransomware is so scary is because it is a known cause for complete computer wipes with all your data gone in seconds and you’d better think twice about paying a mysterious criminal who does not have to decrypt your files and will probably delete them anyway.

Rather than leaving yourself vulnerable to these malicious cybercriminals, the best defense is a stupendous set of backups. Last time we talked about creating an individual backup for each machine or group of identical machines, along with the importance of safe cloud storage. Today, let’s pick up right where we left off at point three, your final complete backup stage.

3) Create One Complete Infrastructure and Configurations Backup

Because ransomware sometimes attacks an entire network from a single connected computer, it’s important that you are ready to recover absolutely everything in case you become the victim of a particularly nasty piece of black-hat software. Just like you did with the individual computers, it is possible to take a snapshot of every setting and configuration for your entire network. This file will be pretty big but you only have to keep one or two to be ready for a ransomware attack. This way, even if the malware takes out an entire chunk of your network, you could potentially wipe every device to factory settings and reconfigure in a few hours, once again denying the hacker their opportunity to cause any real damage to your company.

4) Take Content Backups Regularly

Now that you have your infrastructure backups taken care of, you can start worrying about smaller content backups. These can either be updated to the big backups or kept separately to help you keep track of day to day changes. These should be taken even of cloud-stored data to ensure that you’re protected against everything from malware deleting files to human error entering unwanted changes. Regular content backups will ensure that once you factory reset and restore a machine’s configurations and software, you can also restore its local files for the convenience of the employee who works there.

5) Create New Complete Backups for Major Change

After all your backup preparation is done, remember that when you make configuration or infrastructure changes to either the network or an individual machine, these changes need to be updated to your collection of comprehensive backups or your restoration may bring back an older, less useful configuration. Put this responsibility in the hands of your IT technicians who will be the ones making these changes in the first place. This will ensure that your ability to immediately recover from ransomware is always up to date with exactly the data you need.

6) Run Ransomware Drills

Finally, never assume that an emergency plan is in place until you have proven it. While you may not want to wipe your entire system and re-install it, at least test the solution on a few computers or a test section of the network to ensure that everything is in good working order. The last thing you want to happen right after a ransomware attack is to discover that your backups have either corrupted or don’t integrate correctly. Check your backups and run a new drill about every six months to make sure you’re still ready.

This solution may sound complex but here at SystemsNet, we’re experts on malware defense and comprehensive backup plans. For more helpful information on how to defend yourself from ransomware or to plan your perfect backup solution, contact us today!

Cloud Backup

Ransomware is a single word for a big, diverse problem. It isn’t just one program like WannaCry or GoldenEye, or Petya, it’s all hacker-borne viruses that have ever been or ever will be designed. One really good firewall and anti-virus setup won’t protect you forever because if history has taught us anything it’s that hackers won’t quit it. They will continue to look for loopholes, backdoors, and brute force attacks to invade your computer system and ruin your day. The good news is that even in a worst-case scenario where these malicious programs get into your company system and encrypt every important business file you possess, with the right preparation you can quickly and easily thumb your nose at the low-life hacker with a completely ransomware-proof plan.

It’s all About the Backups

Yes, in an ideal world we’d be talking about nothing but malware detection, email scanning, and firewalls and don’t get us wrong, these things are important. However, these things are like washing your hands before eating supper. It will reduce the number of ‘germs’ you are exposed to, but it won’t elimate your exposure completely. A comprehensive ransomware, and indeed any malware plan may start with firewalls but it always ends in backups. Why? Because with the right backups, you can recover from anything, even a full-encryption ransom attack.

1) Create a Complete Backup of Each Machine

Ransomware has to have an entry point, and this is usually a personal computer. These days it can also be a mobile or IoT device and the importance of recovering data on these devices should be considered when planning for backups. When ransomware strikes, it encrypts every file on the computer and then uses files from the program to project the ransom message and interface. While you could mess with the hackers, your best bet is simply to wipe the computer to factory settings and re-install everything you need.

Of course, doing this manually could take hours if not days so what you need is a total backup complete with software installs and configuration settings as well as the basic file system. This kind of backup takes more space to store but it also allows you to cut off a hack at the start and get the system back to safe working conditions in a matter of minutes rather than days. This method is especially useful if you have a floor worth of computers that share a similar if not identical configuration.

2) Save Your Data on the Cloud

In general, ransomware can only attack files stored locally on infected computers and networks. This means that while they may be able to reach out to remote servers you are actively connected to, if you save your business data through a cloud storage service or, better yet, through third-party SaaS servers for the platforms you use, the ransomware won’t be able to corrupt it. To harden your defenses and protect sensitive company and client information, make sure that important data isn’t stored on a local system, even in the Temp folder. This way, hackers will neither be able to breach your security and leak information or deny you access through encryption or local deletion.

Paired with the complete computer backup, a cloud data storage system means that after a localized attack, you can recover the compromised system up to the point where it is immediately compatible with your cloud platform again, putting the workstation back into use quickly.

Believe it or not, the setup is the most complicated part of establishing a ransomware-proof business plan. In fact, it’s only the first half of the article. Join us next time as we cover points three through six from your infrastructure backup to your restoration plan. For more tips and advice on best backup practices, contact us today!