Three Tips Austin Businesses Need to Fight Ransomware

Recently, several Texas organizations were the target of a massive ransomware attack, most of which were small local government agencies. If you still think your business is too small or far off the radar to be attacked, you're making a grave mistake. If you're not sure how to protect your business, here are three tips to help fight potential ransomware attacks.

Tip 1: Invest in Cybersecurity Training

Having a well-managed antivirus and network security is an important layer, but if your users don’t know how to identify a threat, it’s like leaving the key to the front door under the mat.

Team members without cybersecurity training remain your organization's primary liability when it comes to protecting your data. Human error is the root cause of 60% of cyberattacks due to cybercriminals using social engineering attacks. Social engineering attacks, usually in the form of phishing, are currently the preferred tactic used by cybercriminals to fool your team into providing their credentials. Once acquired, bad actors can gain access to your systems and cause trouble.

As part of your cybersecurity training, you should stress the importance of strong passwords (including MFA), as bad actors often exploit poor password management to gain access to your systems. Finally, your cybersecurity training must encourage your team members to report suspicious activities. Unfortunately, many businesses have a 'love/hate' relationship with their IT department, resulting in a reluctance for team members to communicate issues before it's too late. A timely response is crucial for efficient mitigation of ransomware attacks, and your team is your canary in the coalmine, but only if you permit them to speak.

Tip 2: Trust No One

While it seems like a harsh sentiment for an organization to have, the reality is your business mustn't trust a person, entity, or device by default. There is never a reason for every user to have access to every directory on your network. Most (if not all) users don’t even need admin access to their own workstations.

When we examine recent ransomware attacks, the common theme that emerges is that bad actors used the credentials of a team member or vendor to access the data. The only way this was possible was due to the level of access the compromised credentials provided the cybercriminal.

To prevent this from happening, you must develop a policy and practice of access control. Access or permissions should be determined by roles and dictated by the minimum level needed to perform the required task. Your financial officer and your line-workers' roles aren't the same, and their corresponding permissions shouldn’t be either. 

The concept of privileged access must apply to staff and third-parties and take advantage of technologies such as multi-factor authentication, encryption, and privileged access management (PAM). Privileged access management relies on the principle of least privilege, in which each user is given the minimum access rights necessary to complete their duties. 

Tip 3: Develop a Backup Policy

When it comes to fighting ransomware, the primary thing you need to understand is why ransomware is successful. Ransomware's success can be attributed to one factor: the lack of a backup. Without a backup, you have no option when dealing with the cybercriminal who controls your data, with no choice but to try and deal with the bad actor to regain or data or risk losing it. 

Without a backup, it isn't hard to figure out who will have the upper hand in such a situation, and it won't be your business.

Your business cannot truly consider itself as having a cybersecurity policy without a backup plan in place. For the record, a backup plan is more than using a USB drive to store your data. A backup plan is designed to protect your business' data in case of a disaster, and make no mistake—a ransomware attack is a disaster. 

Moreover, your backup plan is more than a place where you save your data; an effective backup plan also demands the ability to recover your data quickly. A backup without a recovery plan is, for the most part, only a half-measure and won't protect your data. 

Best Practices for a Good Backup Policy

• Back up your data throughout the day, as often as every 15 minutes.
• Store incremental backups over time, so you can restore to a specific date or time.
• Keep a copy of your data offsite.
• Be able to test your backed-up data.
• Be able to access and restore your data at any time, with as little downtime as possible.

Is Your Business Ready to Fight Ransomware?

Texas businesses are no stranger to being targeted by bad actors, and as we have seen no organizations, even hospitals, are safe from being victims of ransomware attacks. As a Cedar Park business ourselves, Capstone Works is familiar with the challenges small to medium-sized businesses face and has the solutions needed to keep your organization up and running and, more importantly, your data safe. 

For example, when you invest in Disaster Recovery as a Service (DRaaS), you receive best-in-class data protection, which takes advantage of the cloud to safely and securely back up your data. A feature of a comprehensive DRaaS system is reducing organizational risk, which provides peace of mind.

For more information about Disaster Recovery as a Service, Managed IT, or more options to protect your valuable data and infrastructure, call us today at (512) 343-8891.