Best-Practices on protecting data against Ransomware

Security continues to be a hot topic of discussion. As well-defined by IDG, "Ransomware is a form of malicious software (or malware) that, once it's taken over your computer, threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin."

While ransomware and malware have existed since as early as 1989, the modern age of ransomware started with CryptoLocker in 2013. In the intervening years attackers have become increasingly sophisticated and business-minded.

In the modern workplace, data is the most valuable asset to most businesses. Here are a few things that businesses can do in order to deter ransomware attacks:

Using different credentials for backup storage: The backup repositories should be safeguarded and restricted such that only specific Service Account has access to it. [Example: Domain\Service.Backups]
Use the 3-2-1 rule: The image below depicts this message clearly
Include offline storage in your data protection strategy: While most businesses are moving their data to the cloud, having local storage can be extremely helpful for fast data recovery. It is important that access to these media is restricted and controlled.
Leverage different file systems for backup storage: Having different protocols involved can be another way to prevent ransomware propagation. [Example: Using Linux Authentication (ext3, ext4, NFS mounts etc.)
Have appropriate monitoring on your infrastructure: Setting up alarms to identify a lot of writes on disk and high CPU Utilization could be another possible symptom of a possible ransomware activity.
Plan for Disaster Recovery Testing: Every company could benefit from both a disaster recovery plan and a business continuity plan (BCP). Investing in a DRP and BCP is as critical as having backup setups.
End-user education: Most ransomware enters organizations via websites or files downloaded by users going to malicious websites. Proper user education goes a long way to ensure that this is minimized, even with the deployment of end-point protection.

Best-Practices on protecting data against Ransomware

Categories

Labtech

Configuring the Network Probe in ConnectWise Automate

Mac Agent Functionality Within ConnectWise Automate

ConnectWise RMM vs Automate: Should I be using CW RMM?

ConnectWise Automate on Linux – Best Practices

ConnectWise Automate Maintenance Mode Explained Best Practice

Uninstalling and Offboarding Automate Agents

How to Set Up Automate users to use ConnectWise SSO

Windows 10 Build Upgrades are Inevitable - Use Kaseya/ConnectWise Automate to Deploy

Best Practice Naming of Patching Groups

Automate 12 Patch 9 Now Available!

Business Continuity

Proactive Maintenance

Kaseya

What Should I be Automating in Kaseya VSA 9.5?

Security Best Practices for Kaseya VSA

Kaseya VSA: Software Management vs. Patch Management

Software Management Enhancements

Two-Factor Authentication in Kaseya VSA

Windows 7 & Windows 10 Multiple Builds End of Life – Upgrade Using Kaseya or ConnectWise Automate

Kaseya Network Monitor: Benefits & Features

Kaseya Patch 9.5.0.22 and Future Updates

Kaseya's New State-of-the-Art Contemporary User Interface

Kaseya Product Release - April '19

Datto

Creating & Implementing a Disaster Recovery Plan

Disaster Recovery – Minimizing Impact of Downtime

Updating a Datto Device

Datto Agent Communication Errors

Datto

StorageCraft

Get in touch today for MSP Centralized Services