I gave a presentation on cybersecurity recently and an attendee stated that their IT Team told him their firewall would protect them from ransomware. “FALSE!” I explained, and could see that they didn’t really believe that I was wiser than their team. But it is a sad truth my friends, firewalls and antivirus aren’t enough to completely protect our data anymore.
Those nefarious people on the Internet are working too quickly and antivirus and firewall companies can’t keep up. Attacks are increasing in sophistication and our partners in the antivirus industry (Norton, Sophos, and TrendMicro) have admitted that they are no longer effective tools for protection.
It is for this reason that we hope for the best and prepare for the worst. There are three areas to think about when making your plan. Minimize the damage, make sure a backup copy of your data is available, and test your plan often.
Minimizing the damage is done by segmenting. This will help to minimize damage and the time it takes to recover from the attack. At home, segments can be created easily by putting the kid’s devices on the guest w-fi network. In larger organizations, segments can be created by user type (executive, contractors, guests), by department (HR, Marketing, Estimating), by service, device, or role type (VoIP, Wi-Fi, IoT, workstations, servers) or any combination that makes sense for your organization.
When creating your data backup plan, follow the 3-2-1 rule. The 3-2-1 backup rule means that you should:
- Have at least three copies of your data.
- Store the copies on two different media.
- Keep one backup copy offsite.
Lastly, it is important to test your data recovery plan at least once every few months. All to often people assume that the data is being backed up but when they try to recover the data, they discover that it was not working as intended. To test, check to make sure that you can restore a file or two. Make sure you know where your software is and any associated license keys. If the license keys are stored on the computer, put a hard copy with the software in case you are unable to access the license key file on your computer.
So to the person at the security conference, I am sorry that you weren’t too sure of my answer, but what’s important is that you make sure you are ready to respond if/when something happens to your data.
The only protection against ransomware is a solid data recovery plan. Create a data recovery plan or plan to lose your data, the choice is yours.
Be safe my friends!
We at Advanced Systems Solutions have helped many organizations protect their data. If you’re looking for a support company to help keep you safe, with unmatched customer service, please contact us. We love to help!
Like our Facebook page by clicking on the icon at the top right of this page to stay up to date with current alerts and information!
Disclaimer: The above information is not intended as technical advice. Additional facts or future developments may affect subjects contained herein. Seek the advice of an IT Professional before acting or relying on any information in this communiqué.