Why Backups And MFA Are So Important For Ransomware

by | Feb 25, 2020 | Blogs, jahlberg, Security, Strategy

Two of the simplest and cheapest ways to protect your company from a ransomware attack are Multifactor Authentication and a fresh backup.

Here’s why.

 

Back up everything! You are not invulnerable. Catastrophic
data loss can happen to you – one worm or Trojan
is all it takes. – Kevin Mitnick

Just because the data is in the Cloud does not mean it’s backed up.

Do you have a backup of all your precious data? I’m sure you think you do, but when was the last time you made sure your data was actually backed up and safe? Don’t assume because your data is in the Cloud that it is backed up. Definitely don’t say it is if your IT says so but never shows anything to prove it. Your data is the lifeblood of your company. If you lose your data, you are out of business, which is why backups are so critical in protecting you from a Ransomware infection. Imagine your Office 365 account has been hacked with Ransomcloud (Ransomware for the Cloud). All of your emails are now inaccessible and both your email and your other files are encrypted. How would you recover from that?  Yes, cloud providers keep copies of deleted files if you ever need to recover one, but all of your files and all your email at the same time? That’s a whole different story. Not having a backup in place means data loss and a lot of recovery pain to salvage what you can. Or, you’ll have to pay the ransom. Same situation with your onsite data. Protect yourself with pristine backups—you’ll thank yourself later when you really need them.

 

 

Ransomware is unique among cybercrime because in order
for the
attack to be successful, it requires the victim to
become a  willing accomplice after the fact

― James Scott

Multi-Factor Authentication (MFA): The Annoying Step That Can Save Your Bacon

Do I really need to have MFA (Multi-Factor Authentication)? Sure, it’s a pain to have to enter a random code every time you log in. Sadly, this is the state of the world we live in. So, yes you should be using MFA for any system containing data you care about. This includes mundane things like Office 365 that get overlooked (see above). It’s pretty easy to set up and; it’s not that disruptive given the layer of protection against ransomware and hackers it offers for the effort. I have a quick client story to prove it.

 

The Luck of the Irish: Adding MFA Just In Time

We have a client that had been dragging its feet to turn on MFA for their Office 365 accounts.  They understood that MFA was something they should do, but felt it was unneeded because their emails were not appealing to a hacker and did not want the second-step inconvenience.  They finally acquiesced. We turned MFA on and rolled it out to the users without a hiccup or exorbitant complaint.  It was not as dramatic an event as they had feared.  So far so good. Then, about a week later, a few key employees started receiving texts from Microsoft requiring their MFA codes to log in. Our client’s users were confused. They couldn’t understand why Microsoft was requesting MFA codes from their users who weren’t logging in? Unbeknownst to our clients, some hackers had been trying to access those unappealing email accounts mentioned above. The hackers never successfully logged in. The new MFA layer brought the hack into the open and protected our client’s emails.  With MFA in place, hacking the email is MUCH more difficult and as hackers do, they will move on to a victim who is less diligent.

Don’t be a Ransomware Victim

DOWNLOAD our Ransomware Best Practices Checklist and take the simple steps to protect your data, keep your employees productive, and keep your enterprise up and running. The more cybersecurity protection layers you have in place, the harder a target you are and the chances of being hacked are much lower since it will take too much effort.

John Ahlberg, CEO, Waident Technology Solutions

John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Related posts

Choosing an MSP: No. 2. Strategic Alignment and POV on IT

Choosing an MSP: No. 2. Strategic Alignment and POV on IT

Does the MSP share our vision for IT and its purpose? Financial viability is critical for a MSP. Prudent financial management ensures that the proper investments are being made in the business and that the MSP can survive the booms and busts of technology trends....

IT Support is NOT IT Security

IT Support is NOT IT Security

I hear all too often from business leaders who think their IT Support team and their Security team are synonymous. They just assume that Support addresses all of their security needs by default. After all, the IT Support gang has been managing the anti-virus software...

Recovering from Cyber Risks in SMBs Using the NIST Framework

Recovering from Cyber Risks in SMBs Using the NIST Framework

A ransomware attack happens every 11 seconds. In 40% of companies that get hacked, the same organization is hit again within 9 months. I don't share that to scare you (Although, it should get your attention.) It happens because companies think they have addressed and...

Is your organization ready for the next IT fiasco?

DOWNLOAD The Challenge to find out.

Thanks for taking the challenge!

Share This