• June 25, 2022

Protecting Your Business: Building a Strategy Against Ransomware Attack

With the U.S. accounting for 18.2 percent of ransomware attacks globally, threats are on the rise for enterprise businesses. The reason? These attacks are relatively easy to execute—and they work. 

A ransomware attack installs software on your systems that locks files and renders data useless. Hackers encrypt the system’s files, making content inaccessible without a key, or they block access to files using a lock screen. For unprepared businesses, ransomware attacks can be costly, as they have to pay to unlock and access their data. Unfortunately, this does not guarantee that the restored data is complete or undamaged.

Faced with a heightened risk and increasingly sophisticated ransomware attacks, what can businesses do? The answer is to build out a modern data-protection strategy that prepares systems for recovery.

1. Start with Best Practices

Since there are many businesses going through the same process, and many experts working to mitigate ransomware threats, learn from others when creating your strategy.

The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) has a list of best practices that can be used to protect businesses against threats, including:

  • Restricting user permissions to install and run software applications.
  • Applying the principle of “least privilege” to all systems and services.
  • Using application whitelisting to allow only approved programs.
  • Enabling strong spam filters to prevent phishing emails from reaching end users.
  • Scanning all emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.

While these are fairly standard security best practices, they’re fundamental to keeping systems secure from ransomware.

2. Tailor to Your Business Requirements

Every business is different. Determine what your business needs to stay secure. Start with the data availability needs by asking these questions:

  • How much space do we need?
  • What is the frequency at which we expect to have to buy more?
  • What data should we back up?

The last one is especially important. If a ransomware attack happens, what’s the allowable time that data can be unavailable? Not all data is equally critical to continued operations.

The primary methods for determining critical data are recovery point objective (RPO), which refers to the amount of time between backups and can determine the allowable data loss, and recovery time objective (RTO), which is the time it takes to get back to the latest RPO.

Think about how far back you would need to go in order to assume normal operations, should data become inaccessible. RPO and RTO targets have a big impact on cost, especially if your backup and storage plan has continuous backup and recovery needs.

3. Build Out Your Vision

Now you can map out your vision for data protection and the storage environment. When developing your vision, it’s important to ask these questions:

  • What solutions should go where?
  • Do we have three-site replication?
  • Are all primary devices centrally located in-house?
  • Where do our secondary files sit? Will they be available to us as fast as we need them?
  • Where are the gaps in our current infrastructure?
  • Where should we add more capacity or upgrade to a better device?

There are many infrastructure options available to meet your business needs. Most companies have multiple types available to handle the RPO/RTO needs for different use cases or applications. Some infrastructure options are disks, tapes, backup servers, cloud solutions, backup software or all-on-one solutions.  

4. Deploy a Monitoring Solution

Finally, and most importantly, deploy a monitoring solution for your new ransomware-savvy data protection infrastructure. The best solution will make reporting simple, and monitoring and pinpointing issues fast and efficient. 

To find the best solution for your business, it’s important to ask the right questions. Some questions to ask potential solution providers include:

  • Does your solution offer near real-time data?
  • How is it communicated?
  • Can we create dashboards and provide those to stakeholders so they have access to data when they need it?
  • Can stakeholders edit dashboards to find any new information they want, without asking IT to create another report?

The right monitoring solution will also help anticipate capacity costs and increase efficiencies in storage use.

Ransomware attacks are a very real and dangerous threat to all businesses. By preparing for potential attacks using these simple steps, you can reduce the likelihood of an attack, saving your company millions of dollars.

Looking to upgrade your cybersecurity and ransomware strategy? Rocket’s Servergraph monitoring solution can be your partner against cybercrime. Contact us today to learn how. 

Tommy Hueber 0 Posts

Tommy is a Principal Sales Engineer at Rocket Software EMEA, with a demonstrated history of working in the information technology and service industry. With a strong, personal working relationship with customers and channel partners, he prides himself on delivering the best solution for the customers across the entire EMEA region. Even after almost 25 years in the industry, he continues to explore new areas of IT.


Leave a Comment

Your email address will not be published.