Is My Business Protected From Ransomware?

The conversation usually goes something like this: Hey, company X that (we do business with / my friend works at / we share some clients with…) just got ransomwared and were down for Y days/weeks, is my business protected from ransomware? 

Well, this is one of those questions: if you need to ask, the answer is probably no… First, let’s dispel myth #1, there is no guaranteed way to protect a company from ransomware, if you are working with any vendor/partner/superhero that is promising this, walk away. What you can do is deploy a series of processes and technology to reduce the likelihood an attack against you would succeed and ensure you can recover if it does.

We’ve published a couple of blogs on the topic here if you want to read more, but high level:

1. Train your people (attacks usually target humans first, not technology)
2. Patch everything (patches are updates from vendors to fix issues)
3. Deploy advanced email security to stop the new types of malware (94% of attacks start by an email)
4. Inspect all web traffic (including encrypted one) to detect the new types of malware (84% of web traffic is encrypted)
5. Deploy a next generation anti-malware on all devices (it’s your last line of defence)
6. Backup all your data to a place no one can delete it (physically and logically) and yes, you must backup Office 365 and G-Suite data

 And remember: Your data makes you special, protect it.