Of all the cyberattacks facing small and mid-sized businesses (SMBs), perhaps none is as frightening as ransomware. Yes, data breaches that expose customer information and viruses that wreak havoc with systems are scary, but the idea that a single piece of malware can encrypt data and hijack your company shakes SMBs to the core. Ransomware comes with an unsettling ultimatum: Pay the ransom or risk going out of business.
The cost of a successful ransomware attack is getting expensive. A report from Datto discovered that SMBs in the United States lose $75 billion dollars per year due to ransomware attacks, not only from paying the ransom, but also because of damages from the company’s downtime when their systems are seized.
Keeping ransomware out must be a priority for all businesses because this threat isn’t going away anytime soon — in fact, according to the Datto report, it’s getting worse. Here are four tips for protecting your organization:
Develop Smart Employees
Ransomware doesn’t just show up in your systems — it must somehow be downloaded or install itself from another source. Often, that source is malicious emails with questionable attachments and links that employees haphazardly open. Although strong anti-ransomware measures are the best defense against this kind of cyberattack, the occasional malicious email can still make it through to users’ inboxes. When those threats arrive, you need confidence that employees will make smart decisions and not click on anything suspicious. Businesses can build this grassroots ransomware security by training their employees to follow best practices in regard to suspicious emails, downloads, web use, mobile device use, and so on. Training your workforce on the dangers of ransomware can make all the difference when a shady email arrives and the user must decide between opening and not opening it.
Implement Robust Backups
When a business falls victim to ransomware, it has two options: pay the ransom or restore systems to a point before the attack occurred. Most cybersecurity experts agree paying the ransom is a bad idea — there’s no guarantee that you’ll get your servers back, and your data could have been permanently damaged by the attack. However, if backups are lacking (or nonexistent), you could be missing weeks of data anyway, which is why most ransomware victims end up paying the bad guys. Avoid both expensive options by investing in robust backup solutions. The best platforms are diligent in protecting multiple versions of your data, as well as offering their own anti-ransomware measures in case something malicious is lingering in your backup. Whether you keep the backup data on premises or in the cloud (or both), test the solution periodically to ensure that you can quickly and easily restore your systems (and avoid further panic) if and when needed.
Fill the Gaps
Ransomware is particularly troubling because its sophisticated versions are always evolving, and do-it-yourself kits that allow criminals—actually, just about anyone— to create their own ransomware are proliferating. Ensuring all applications are secure is challenging, especially because it seems once you’ve worked to protect your systems against one threat, another one comes along that is more daunting. This constant game of catch-up is frustrating, but must be played. Apply security updates to your applications and systems as they are released, and stay informed about the latest threats.
Utilize Strong Software and Strong Partners
Many SMBs don’t know where to begin when figuring out how to protect themselves from ransomware. Perhaps the best option for these organizations is to not go it alone, but rather, partner with third-party experts that can provide the security they absolutely need.
The best software delivers strong email encryption capabilities to stave off ransomware before it reaches inboxes and, ultimately, your systems. Top solutions also offer advanced spam, file, web and email filtering so that wherever a piece of ransomware might be lurking, it is more likely to be identified and neutralized. First-class anti-ransomware partners also offer customized threat intelligence so that you are kept aware of all the latest dangers. This combination of features provides the highest level of protection and helps guarantee you never are tempted to send money to the bad guys.