Ransomware is a well-known problem, but a lot of companies, SMBs in particular, aren’t thinking proactively about it. Whether this is due to lack of awareness of the growing threat or a lack of cybersecurity training amongst employees, the issue remains the same. As ransomware is constantly evolving, it’s important to make it clear to clients that they need a secondary layer of protection to recover.
Ransomware has made backup and security inseparable—each plays an important role in protecting against ransomware. As a trusted IT expert, you can help clients understand that a proper business protection strategy requires a three-pronged approach, comprising education, security and backup.
1. Education: Make sure that your customers know about the rise in ransomware incidents and have tools and a strategy in place to educate their entire organization. For example, all current and new employees should have to go through some sort of basic cybersecurity training. During this training, SMBs should provide specific visual examples of what a phishing email looks like, which is one of the leading causes of a ransomware infection. All employees should know how to spot a malicious email and know exactly what to do if they do encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.). This is an essential part of protecting your clients against attacks and it should become a fundamental practice in any business today.
2. Security: When it comes to defending systems against ransomware, antivirus software is essential for any business. Firewall and web filtering are also a must. Most security vendors recommend this type of multi-layered approach to protect against ransomware. Many of your clients probably already understand this, as well. What they probably don’t realize is that these security measures are not foolproof.
MSPs should also talk to clients about the importance of keeping all software patched and up-to-date in order to protect the business against newly identified threats. Finally, make sure customers understand the need for an additional layer of business protection in the not-so-rare case that ransomware does make it through the front lines of defense. Explain to your clients that even with these proactive security measures, breaches still occur. That’s where a backup and recovery solution comes in.
3. Backup: Modern total data protection solutions, like Datto, take incremental backups as frequently as every five minutes to create a series of recovery points and allow businesses to run applications from backup copies of virtual machines. While your clients likely won’t care or understand that sort of technical deep dive the way that you would, what they do care about is the benefits (and peace of mind!) a BCDR solution can deliver. When it comes to the threat of ransomware, the benefits of a data protection solution are three-fold:
- Your business will never need to pay hackers ransom to get critical data back.
- Your business will avoid data loss - from ransomware or other - since backups are taken frequently and can be restored quickly.
- Your business won’t experience significant downtime (since users can access critical data and applications while primary systems are being restored).
The disaster recovery game has changed. Instead of fearing hurricanes or floods, the biggest worry is ransomware infiltrating a network. There have been a number of high-profile examples of ransomware in the news, including a recent attack on a California hospital in which cyber extortionists reeled in a ransom of $17,000. This is obviously an extremely high ransom, but it illustrates the need for protection, so it might be a good place to start when it comes to discussions about cyber extortion.
Action Items: For more tips on ransomware and client education and protection, join Datto’s upcoming webinar and check this great free eBook: Ransomware Made MSPeasy, which offers advice for raising awareness of the malware amongst end users and the importance of investing in security, backup and recovery solutions.
