6 Steps to Reduce Ransomware Damage
Protecting Critical Documents and File Data from Attack or Destruction
No organisation is immune to Ransomware. Ransomware is pervasive and represents a serious threat to organisations of every size. Organisations are feeling overwhelmed by the number of threats possible and are figuring out how they are going to protect their file data. In recent weeks we have seen the most significant cyber-attack on the Irish state in the HSE ransomware attack.
When people think about ransomware, they often wonder why people pay the ransom. Can’t they recover from these attacks with their backups? The truth is that many solutions do not have the protection capabilities that organisations really need for malware protection and once in place, recovery scenarios quickly become limited.
Why Not Back Ups?
When data is compromised, most companies find themselves doing a quick cost-benefit analysis of their options. However, if the right data protection solution is not in place, it often leads to paying the ransom.
Advanced ransomware is now targeting backups and thus encrypting/deleting them completely. This means recovering from offsite backups often takes too long, pressing organisations to pay the ransom. Most organisations do not have the visibility into their backups to know what they can recover without reintroducing the malware.
Backups for protecting file data should be considered as only partial protection as versions are not retained for long periods of time.
6 Steps – How Better Data Management Can Reduce the Damage
- Retention or Litigation Hold.
Microsoft and AWS both offer immutable Blob storage options that prevent objects from being written over or deleted until a specific retention period has passed. In addition, some storage vendors offer Litigation Hold options that protect file objects from being deleted until the hold has been released. These settings are at the container or bucket level. Retention or Litigation Hold can protect the containers/buckets from storage account deletion and/or container deletion.
- Lock Down your Critical Data.
Once written, data cannot be read, modified, or deleted. Immutable storage is for organisation-critical file data that you simply cannot lose. This data may be required for regulatory compliance, business operations, project plans, financial documents, contracts, etc. Waterford Technologies can implement TripleLock archives which uses immutable storage to protect your critical documents and files from being encrypted by Ransomware or deleted accidentally until the retention period that you have defined for the Archive has expired. TripleLock helps you in meeting regulatory or legal retention requirements for some types of information that requires an additional level of protection.
Fast Accurate Visibility into your email and file data saves valuable time in recovery. Recovering from a ransomware attack requires proactive data management and controls and it is crucial to have visibility into the Organisations email and file systems in case of an attack. Archiving organizes business email and file information and makes it discoverable and usable.
- Developing your Data Recovery Strategy.
Every organisation must have a strategy for recovering data in the event of an attack or hardware failure. The goal of those targeting your organisation with Ransomware is to disrupt your operations to the point that paying them to get your data back is your best short-term option. By combining industry-standard backup and SISCIN archiving strategies not only protects your data, but your most critical data can be accessed immediately in the event of hardware failure or a Ransomware attack.
- Backup your Data Frequently.
Without good frequent backups, your organisation cannot effectively recover so storing them can become an issue and finding individual files or folders and restoring just the contents can take a very long time. Backup is best when restoring large volumes of data and not individual or groups of files.
- Look for a Managed Service.
Waterford Technologies supports its software with a personal, dedicated touch. A strong proponent of the power of good customer support, Mark Mulcahy, Technical Sales Director, Waterford Technologies says: “If I had 30 seconds to talk about our software, I would spend the entire 30 seconds talking about the managed service piece that surrounds it.” The pandemic has brought clients a greater appreciation and understanding of the managed service offering. “A lot of our clients have been under pressure, so they’ve reached out to us for support. We provide advice and guidance as they undergo changes in work practice. I think it’s been a real comfort to know they have us at their beck and call.”
Ask Waterford Technologies for Help
Our Experts will be happy to discuss your organisation’s requirements and assist you in developing a critical data protection strategy so that your most important data is safe and in compliance with your regulatory requirements and are protected against Ransomware attacks or other malicious actions. Once that strategy has been defined the SISCIN Team can help you run the right analysis reports and then assist you in creating sample policy templates that you can use to protect your data across your entire environment. You know protecting your file data is a priority for your organisation, partner with Waterford Technologies, the largest provider of email and file archiving to the public sector in Ireland so we can help you.
Written by Laura Stotesbury
Head of Marketing #, Waterford Technologies.