What is the best way for a small- to medium-sized business (SMB) to protect itself from ransomware? Ransomware is impacting firms around the world. Mandiant has indicated that ransomware is on the rise and doesn’t appear to be slowing down one bit. These are the nine tasks that SMBs should focus on to mitigate risk from ransomware attacks.
1. Have a backup plan and tested recovery process
Some might argue that multi-factor authentication (MFA) is the best way to protect a firm, but I’d argue that having a tested backup and recovery process would be better. Too often businesses overlook having a backup and a tested recovery process. Especially for firms with on-premises servers and domain controllers, have a process where someone – in the firm or a consultant or managed service provider — perform a dry run of an actual recovery process. When I’ve done a dry run, I often find that I need to perform some step that I’ve forgotten to restore from a bare metal process. You may find that a HyperV parent needs additional steps or you need to take ownership of the restoration image to fully restore a Hyper V server or virtual machine to full working condition. Ensure that you have a recovery script or manual in place so that staff tasked to recover know the steps. The documented steps will help lower the stress of the event.