We continue to hear stories of successful ransomware attacks impacting large organizations. One of the more recent events highlighted the successful breach of the Los Angeles School District. As the CEO of a company that provides disaster recovery solutions, I struggle when I hear of these incidents. I struggle because I strongly believe they can be avoided, especially if you implement layers of protective measures against ransomware.
But what are these layers and can they protect your organization from someone attempting to break through? Let’s explore:
LAYER 1 – ACKNOWLEDGE THAT YOU ARE A POTENTIAL TARGET
If you don’t acknowledge you could be a target and prepare for a possible breach, you are a perfect target. Accepting an attack is a possibility, understanding the expense of doing nothing, and taking actions which will protect your data and your operations is critical to your avoiding an attack.
LAYER 2 – EMPLOYEES ARE YOUR FIRST LINE OF DEFENSE
The majority of the time, the path into your environment is through people.
1. An unsuspecting employee who innocently clicks a link or opens a well disguised attachment.
2. Someone who fails to change the default password to a new application. Chances are very good you can get in to a number of places by simply trying User Name: admin; Password: password.
3. Constantly train and remind employees to question anything that seems out of place. Even if the source is familiar, be suspicious, check the full email address before opening or clicking. If ever in doubt, check with your IT department.
LAYER 3 – TECHNICAL PROTECTION LAYER
Make sure you have all of the technical protections in place. Starting with access to the facility, to network perimeter protection (IPS/IDS), application protection with a top-rated Anti-virus/Malware software, host, and data/systems; make sure every piece of your environment is protected. Don’t skimp, find highly regarded tools to reduce the risk of entry. But know that people will break through this line of defense.
LAYER 4 – BACKUP AND DR: THE MOST OVERLOOKED LAYER
This layer may be the most overlooked layer. Layer 4 is to have a solid disaster recovery solution that can
1. offer separation from the production environment (air gap)
2. spin-up quickly
3. take you to a snapshot prior to the ransomware being detected
4. support your business for as long as it takes to correct issues within the production environment.
5. easily move the data back to the production environment
Related: If you want more details on how to prepare against ransomware, download this ransomware preparedness guide.
At Quorum, we have more than ten years of experience successfully protecting our customers from all forms of disasters including ransomware attacks. Originally designed to support the Department of the Navy, Quorum has spent the past 10 years building a product that has never been compromised and has always been there to support our customers.
With our recent release we now fully integrate into VMware to improve speed and simplicity in supporting virtual environments. With this addition, Quorum is now one of the best end-to-end solutions, supporting both virtual and physical environments. Request a demo today and check us out!