enterprisesecuritymag

Three Steps to Tackling Ransomware in the Enterprise

By Arvind Nithrakashyap, Co-Founder, Rubrik

Arvind Nithrakashyap, Co-Founder, Rubrik

The world is becoming connected at an unprecedented rate. As our information becomes increasingly digitized, data has become a prime target for hackers.

Ransomware—malicious malware that holds information hostage until the victim pays a fee—is just one example of how vulnerable our data makes us. In fact, over an eight-month period in 2015, the DOJ and FBI found a single strain of ransomware called CryptoLocker infected 234,000 computers, extorting over $27 million from its victims.

Businesses have become a prime target for ransomware attacks, with 40 percent of businesses experiencing an incident in the last year alone. With no sign of ransomware slowing down, it’s clear we need to take a hard look at how we approach security and data protection in the enterprise.

“While there is no silver bullet to stopping ransomware completely, preparing for a worst case scenario will ensure businesses are prepared when it strikes”

Unfortunately, the solution isn’t as simple as agreeing on a few basic best practices. Attacks can be carried out from halfway around the world, and with new strains popping up every other week, traditional cyber defenses are ill equipped to handle these challenges.

To combat ransomware, organizations of all sizes need to take a holistic approach to security, improving their IT systems at every level to ensure they’re protected. Here are the three key things CIOs—or anyone involved in the IT decisions—at every company should consider:

Protect the Perimeter

The single best way to keep a business virus free is to never get one in the first place, which is easier said than done. Common sense systems like anti-virus software and firewalls aren’t the only line of defense a company should have, but these tools are indispensable for filtering out the most blatant offenders.

Ensuring software is up to date can help businesses catch more viruses early on. While no solution is perfect, these tools can help businesses protect against the most basic threats, freeing up their security teams for focus on potentially bigger problems.

Manage Data Access

Too many organizations today take an “M&M” approach to security, with a hard outer shell that includes firewalls and filters, but nothing securing the internal network once malware is inside. While that outer shell is important, it isn’t infallible—especially when factoring in user error.

An email security company found that 93 percent of all phishing emails contained ransomware. With employees exchanging countless emails every day, it’s one of the easiest ways for ransomware to enter a system.

That’s why it’s essential for businesses to understand and control data access across their organizations. While it may not eliminate what’s already inside, having restrictions on who can access what will help ensure the virus doesn’t spread across a network and limits the amount of information accessible in case of a breach.

Monitoring tools are another key piece of managing data access, allowing IT to spot spikes in user activity and cut off certain systems if something goes awry.

Infrastructure Improvements

Let’s say the worst happens: Critical data that’s vital to your business is being held hostage.

While preventative measures are important, having a well defined disaster recovery plan can save the day when it comes to reclaiming ransomed data. The foundation of any good disaster recovery plan will start with the data management platform used to protect the data.

If you wouldn’t make your employees work on decades-old computers, why would you use 10-year-old (or sometimes even older) technology to protect your data?  It’s important to look for a solution that can automate the backup process and perform backups reliably. If that solution can push data out into the cloud, that’s another potential layer of protection.

It’s also important to consider how quickly a company can recover following an incident. Look for a platform capable of supporting near-zero recovery time objective to safeguard business continuity when restoring from backup.

Pulling it all Together

While there is no silver bullet to stopping ransomware completely, preparing for a worst case scenario will ensure businesses are prepared when it strikes.

By taking a modern approach to backup and recovery, controlling the flow of information and implementing commonsense tools to protect from outside attacks, organizations around the world can mitigate the impact ransomware attacks can have on their business.