Don’t let the headlines scare you.
You can prevent ransomware.
Maybe you’ve watched the NC State Bar and different firms land in the news. Maybe your firm has suffered from a ransomware attack. But whatever your experience, please know that your data isn’t doomed to encryption.
Ransomware isn’t an insurmountable risk. It’s avoidable. It doesn’t need to happen.
The fact that ransomware occurs tells me that many businesses are underserved by their IT vendors. Even though our clients include frequent ransomware targets, such as law firms and other professional service organizations, ransomware is a nonissue for us. As with anything, the key is following best practices.
If you’re worried about ransomware, here are some ways to reduce your risk…
1. Prevent ransomware by training your users.
Did you know that untrained users are the entry point for ransomware?
Cybercriminals usually succeed by tricking staff through phishing attacks and social engineering.
While training your team will mitigate this risk, people make mistakes. That’s why you also need cybersecurity technology, which leads me to my next point…
2. Have a solid technology stack.
As I said, our clients don’t have ransomware issues. One reason is we use a robust security stack.
Every firm needs a “security onion” with several layers—so that if a single tool fails, there won’t be a complete compromise in protection. On a very basic level, this security onion should include these safeguards:
- Antivirus software
- Network firewalls
- Cloud-based filtering
Given today’s threat landscape, I recommend transitioning (if possible) from antivirus to a next-generation solution that’s managed by a security operations center (SOC). A benefit of this SOC is that it looks for signals of The Silent Bad Actor on your network. Later in this article, I’ll have more to say about The Silent Bad Actor.
3. Ensure proper management of your technology.
You can have top-notch technology—and still fail to prevent ransomware. All it takes is poor IT management or a poor methodology.
Once again, the details matter.
You need more than the latest cybersecurity solutions. You need an IT vendor that ensures your technology is functioning the way it was designed to operate. Proper governance is especially important in this era of working from home (WFH).
Going back to those safeguards in the security onion, here’s what good (and bad) management looks like:
Poor Management
- The IT team doesn’t look at AV software until there’s an alert.
- The IT team doesn’t consider that staff may lack firewalls when working remotely.
- The IT team configures cloud filtering but ignores the fact that cloud filtering can’t be enforced on home networks.
Proper Management
- The IT team doesn’t wait for an alert but constantly manages AV software and addresses ransomware threats hands-on.
- The IT team addresses the risk of nonexistent firewalls in the remote model.
- The IT team configures cloud filtering and installs other safeguards (e.g., DNS filtering) that will provide additional protection whether or not at-home team members use cloud filtering.
4. Reduce your risk of sabotage.
Another way to prevent ransomware is avoiding sabotage.
What I’m referring to is ransomware that’s manually deployed by The Silent Bad Actor.
To be clear, ransomware is a piece of automated software that encrypts your data and holds it for ransom. However, it’s possible for a human being—The Silent Bad Actor—to sneak onto your network and launch a very targeted attack. (In fact, The Silent Bad Actor approach was employed in the recent SolarWinds compromise.) This cybercriminal might vandalize your backups and then manually install ransomware.
The Silent Bad Actor threat is one of my biggest concerns for small businesses, and it’s a reason I’m pushing a next-generation solution.
Are you prepared to prevent ransomware?
Your firm doesn’t have to be a ransomware victim.
If you’re training your users, utilizing the right technology, and managing it properly, your risk is quite low.
However, I realize that some readers may have suffered from an attack in the past. If so, I encourage you to pinpoint the “why” behind the compromise. Was it your tech stack? Was it an uneducated team member?
Don’t forget that it could be your IT vendor. If you suspect this is the case, ask probing questions. Learn to recognize when you’re being given excuses…
- “Your AV stopped working.”
- “Your AV wasn’t updated.”
- “It got on Mary’s computer when she was working from home.”
If you’re concerned about your firm’s exposure to ransomware, I encourage you to relay your questions to us.
You can reach our office at info@weareproactive.com or 704-464-3075 extension 3.
Here’s to a secure 2021,
– Steve
Is your firm working from home?
When COVID-19 hit, your firm was forced to rapidly pivot. With no precedent to rely on, you made quick decisions. You did what was needed.
Months later, are you confident in your remote work setup?
Maybe you’re dealing with a piecemealed strategy. Or maybe you want to transition from a temporary option to a long-term solution. If you need insight, download our complimentary whitepaper The Managing Partner’s Guide to a Long-Term Work-From-Home Strategy.
About Steve Kennen
Steve Kennen is the President of Proactive IT and an expert in information technology infrastructure management, cybersecurity, and cyber risk management practices for businesses. A seasoned entrepreneur and technology veteran with over 25 years of experience, Steve leads the team that keeps our clients secure and their business operations running smoothly.