Ransomware dominates the cybersecurity conversation these days for good reason: It’s a serious threat to IT and to those organizations—especially the small and mid-sized businesses you serve—that are most often targeted and easily burned.
A recent report by Datto (an industry partner of AppRiver) in which 1,700 managed service providers were surveyed found that 6 of 7 MSPs said they had at least one SMB client victimized by ransomware in the three years previous. The report also found that 57 percent of clients lost data or devices due to ransomware, and 75 percent suffered downtime.
The SMBs that hire you have much to lose from ransomware. Large companies enjoy the resources to withstand a successful attack. Smaller organizations, however, can’t afford to be down for long periods of time or to permanently lose data (which can happen even if the ransom is paid). Moreover, SMBs may not have the unlimited IT and financial resources to protect themselves before a ransomware attack or deal with the aftermath. These organizations often rely on MSPs to provide the ransomware defense they can’t achieve on their own.
Therefore, you must deliver for your customers and keep them as safe as possible. Here are four ways MSPs can protect their clients from a ransomware attack:
1. Quality email security
Email security has improved over the years, but the threats that squirrel through via email have evolved as well. As a result, most email solutions, including Office 365, don’t do enough to protect against ransomware. A stronger defense is necessary—the kind that can be found with quality third-party email security solutions. The software you implement for your customers should be proficient in preventing suspicious emails (particularly phishing emails, which are common vehicles for ransomware) from landing in inboxes, as well as stopping threats if users click on something they shouldn’t.
2. Frenetic filtering
Potent email security helps stave off ransomware, but for maximum protection, a multi-layered approach can’t be beat. Ransomware can still invade via compromised and/or suspicious websites, so your customers’ systems need comprehensive filtering to prevent anything malicious from infecting them. Third-party solutions can provide this advanced cybersecurity while also identifying and isolating any ransomware that does somehow sneak through.
3. Smart employees
You love your customers, you respect your customers, you trust your customers … but sometimes, your customers are as dangerous as the cybercriminals. Despite all the warnings over the years (really, decades now), employees still open unknown attachments, click on dangerous links, and visit risky websites. In the ransomware era, this (often unintentional) careless behavior opens the door. Not that it’s always your customers’ fault—the bad guys have gotten really good at fooling otherwise vigilant users. Training employees to be smarter users diminishes the risk of ransomware infecting systems. Simple seminars and online resources teaching something as basic as what constitutes a questionable email can go a long way toward eliminating human error.
4. Don’t pay—restore
Ransomware is predicated on the idea that a victimized organization will be so freaked out losing access to its systems—and so scared of costly downtime—that it will pay the ransom immediately. Almost always, giving in and paying up is a terrible idea. There is no guarantee that the bad guys will release your client’s systems after cryptocurrency is sent, and even if they do, data could be damaged. Moreover, the offending ransomware could remain in your customers’ systems, waiting for the hackers to activate it again.
The better strategy against a successful ransomware attack is to have a robust backup solution ready for the day you hope never comes. Restoring client systems to a pre-attack state protects their data and keeps downtime to a minimum. Whether the backup is on-site, off-site, or in the cloud (you and your clients may opt for a combination), you can have a customer up and running without skipping a beat.
Your clients are trusting you to protect them, and taking action before, during, and after a ransomware attack gives them added reason to rely on you for the long haul.