W hen most people think of the ramifications of a pandemic , cybersecurity threats tend to not be included . Sadly , cybercriminals are indeed exploiting the world ’ s health crisis as a means by which to trap more ransomware victims .
Because of this , SMEs are now having to up their game and prepare for attacks they have never encountered before . In today ’ s modern IT environment , infrastructure stretches across physical , virtual and hybrid cloud environments , in addition to application services hosted in the cloud .
With so many data silos , SME IT must ensure all company data is protected for Business Continuity and Disaster Recovery ( DR ). For SMEs , this doesn ’ t mean adopting radical new strategies , but it does require an approach that ensures getting the basics right .
There are five foundational points SMEs can use to best protect their company data , being : system protection , endpoint protection , the 3-2-1 backup strategy , detection and recovery . For system protection , the first critical step to establishing ransomware protection is to focus on system updates and anti-malware software .
Then , in preparation for an attack , every business should prioritise backups of their infrastructure – this is the number one solution against an attack . For endpoint protection , SMEs know all too well that malware can hit any computer across IT environments .
With threats like WannaCry , every computer needs to be protected , not just servers or file sharing systems . The 3-2-1 backup strategy is the best strategy for data protection . It consists of : three copies of data , two different formats and one off-site location , with an air gap if possible . If all organisational backups are on a single disk that is connected to a main computer , those backups can be encrypted at the same time as source data , rendering them useless .
With three copies of data – on the computer , on local storage and on off-site storage – rapid recovery from ransomware is much more practical . Next , detection is key to ensuring an SME ’ s data security . Ransomware encrypts the user files on a computer , so monitoring backups routinely can help detect if an attack has taken place .
Lastly , there is recovery . For any SME hit with ransomware , paying the ransom should never occur as the stats show that more often than not , even after payment is made , data is rarely restored intact .
The best strategy for recovery is to be prepared . As cybercriminals step up their ransomware attacks , their success relies on organisations that are not . However , using tried and tested techniques can go a long way to protecting vital systems and services during the pandemic and beyond .
CRIMINALS STEP UP THEIR RANSOMWARE ATTACKS , THEIR SUCCESS RELIES ON ORGANISATIONS THAT ARE NOT .
JG HEITHCOCK , GENERAL MANAGER OF RETROSPECT , A STORCENTRIC COMPANY