At Equation Technologies, we take great pride in our commitment to support our clients and their digital backbone, Sage 300.
As part of that commitment, we want to take a moment to remind you that, unfortunately, there are some very real, very bad criminals out there who mean to hold your business hostage in order to extort ransom payments from you. This is an all too real threat and Equation has had the misfortune to have to come to the aid of two of our clients in the last year who fell victim to these despicable criminals.
The good news is that there are some things you can do to protect yourself from these folks and we'd like to share them with you so you can avoid falling victim to this increasing threat.
BACKUP, BACKUP, BACKUP. The number one defense is to ensure that you have a good backup of your system. The definition of a good backup is as follows, and this part is critical: This backup must be OFFSITE, NOT ON THE SAME NETWORK as your local area network. Ransomware will find and encrypt backups kept on the same network, so you MUST keep a separate offsite backup on a separate network or storage device. This does not include a removable hard drive that is connected to your network. An offsite/cloud-based backup that is not connected to your network is best. Ensuring that you can also RESTORE files from your offsite backup is also absolutely critical. If you cannot restore from the backup, you do not have a backup.
Anti-Virus Software. There are many choices here, but ensuring that every device connected to your network has this first line of defense installed and properly updated with current virus definitions can help prevent access to your network by many different types of malware. Anti-Virus is not perfect, which is why backups rank #1 here, but anti-virus software is helpful and strongly recommended.
Firewall. There are choices here too, so ensure that you have a good quality firewall between your network and the internet. In some cases, this device can detect and prevent some of these attacks. Ensuring this device is kept up to date is also critical as new vulnerabilities and attacks are unfortunately discovered every day.
Training. One of the most common attack vectors (the way criminals gain access to your network) is via email and the various types of links and attachments it can deliver onto your desktop and ultimately your network. Training users to use email safely is very beneficial. One thing we use at Equation, and recommend to everyone, is KnowBe4.com.
Communicate. If nothing else, talk with your IT provider about items 1-3 at an absolute minimum and ensure that you are comfortable that there is a plan in place for dealing with a ransomware or malware attack on your network.
If you do fall victim to an attack, www.cylance.com has assisted two of our clients with remediation and subsequent anti-virus/anti-malware protection software.
While we realize there are costs involved in implementing and maintaining these suggestions, those costs are a small fraction of the potential costs of a ransomware attack. Unfortunately, as long as these criminals roam the cyber universe, we must all take precautions to protect ourselves from them.
Should you have any questions or concerns, please don't hesitate to contact us.