If Big Business Can’t Defend Against Ransomware – Can You?

Can You Defend Against Ransomware?

Ransomware is an undeniably one of the major threats facing businesses around the world today. Do you think that’s an exaggeration? Where To Start does not believe it is.

The Latest Ransomware Victim…

Business to business payment provider Billtrust is recovering from a ransomware attack that occurred in October of 2019. This cloud-based service provider maintains a large organization, with more than 550 employees, so you would assume they would have the resources to protect themselves against ransomware.

In an email to clients about the event, Billtrust states the following about the incident:

“Our standard security and back-up procedures have been and remain instrumental in our ability to execute the ongoing restoration of services,” the email reads. “Out of an abundance of caution, we cannot disclose the precise ransomware strains but will do so as soon as prudently possible.”

Even though they had those vital cybersecurity measures in place, they were still penetrated. Billtrust is now in the process of putting additional ransomware defenses in place.

What Lesson Should You Learn From Billtrust?

The primary lesson here is that if a business as large as Billtrust can get hit by ransomware, so can you. You have to assume you’re defenses could be penetrated – what will you do if it happens? Do you have contingencies in place to protect you in the event of a ransomware infection?

How Can You Protect Yourself From Ransomware?

1. Have your data backed up, to a separate offsite location, on a regular basis. By storing a complete and up to date copy of your data that’s separate from your local systems, it doesn’t matter if your onsite data gets encrypted by ransomware. This is a key factor of the Backup Rule of 3-2-1: 3 copies of your data in 2 different locations and 1 of those location is off-site (preferable in the cloud)

2. Confirm that anti-malware and antivirus settings are deployed to automate all updates and to continually conduct system and device scans.

3. Continuously Train and Test your staff to ensure they ask themselves these key questions before opening an email:

  • Do I know the sender of this email?
  • Can I verify that the attached link or PDF is safe?
  • Does anything seem “off” about this email, its contents (its grammar and/or its approach) and especially the senders information (email address and domain)?

4. Take a layered security approach to protecting yourself, your data, and reputation. Proper backups, Malware/Antivirus software, and Training are just a few of the security layers that are needed today.

Lastly, ask for help – Where To Start, Inc. will help implement the appropriate layered security measures for your company, such as deploying security devices like business class firewalls, performing OS and application patching, ensuring antivirus software is updated, monitor intrusion and gateway protection, just to name a few.

Like this article? Check out the following blogs to learn more:

11 Ways You Can Benefit From Assisted IT Services

Managed IT Helps Your Bottom Line: 6 Ways How

5 Ways Managed IT Services Is the Right Choice for Your Business

Contact Info

Stay Connected