At Express Computers, we know that, early on, the Internet was considered a way to communicate and share ideas, and well-intentioned people used it as such; however, it wasn’t long before unethical people began exploiting how free and open the Internet was and how trusting people could be.
Fast forward to today and you hear about millions of credit card numbers stolen and small business clients having their data held for ransom. There are some methods to avoid downtime associated with cyber-attacks. We recommend a three-pronged approach that is made up of training, auditing security technologies, and backups to help protect your business from ransomware.
Most of the time, the weakest link inside an organization is the employees themselves. The only real way to mitigate this problem is to educate users in the company. Every person should be skeptical of unusual emails or unfamiliar people looking for access. In the case of ransomware, take some telltale signs like misspellings, missing information about the sender, or the terms used are different from what you would assume from the person writing the email. It is always better to be overly cautious and everyone within an organization needs to be vigilant.
Dishonest people have exploited software and hardware vulnerabilities for a very long time. The WannaCry epidemic brought to light a Windows vulnerability called Doublepulser, where a communication protocol called Samba was open to the Internet in unpatched Windows environments. Vulnerabilities like that are not rare, as there is a whole industry devoted to plugging these holes with security software, inbound traffic network requirements, deep packet inspection, etc. Be certain that you have the proper network security tools in place and keep them updated.
Even if you have taken the proper network security measures, assume that hackers can get through it all, you need to have a plan in place for recovery. Each company should fully understand what to do in case of a data breach or data loss. A business continuity solution that can restore access to servers and data with the quickest recovery time objective (RTO) is key. For example: file restore is absolutely essential. Consider taking it a step further with a solution capable of running operations from a data backup instance of a virtual server. There are products that allow businesses to get back online quickly, while primary servers are restored. Companies that do not have a disaster recovery solution in place to get up and running quickly will experience lost productivity and money. Some even go out of business.
It is hard to know where to start but focusing on these three important steps goes along way to ensuring your operation is not vulnerable to a cyber-attack. User education, prevention, and restore plans are the things that will reduce the likelihood of having to recover from ransomware. If you would like to learn more about protecting your business from ransomware, or if you are interested in one of our services (data protection, IT services, or software development), please contact the IT experts from Express Computers at 604-888-7904 or request a consultation by filling out a contact form on our website.