“What do you mean I’m not safe from All Ransomware Attacks?!”

If your IT provider is anything like WAMS, then they do everything in their power to
protect you from all types of viruses, malware, and ransomware out there. Chances are that you
are paying accordingly for your protection and are getting sound advice from your provider. So
how is it that your IT provider cannot protect you from all attacks? After all, they should know
everything shouldn’t they?

We aren’t going to sugar coat things here… the truth is, we don’t and we can’t. But, we
can keep you as safe as possible. It’s unfortunate the way the ransomware industry, yes,
industry, is growing and changing today. Recently cybercrime has evolved into a full blown
industry; who would have thought that Ransomware as a Service would become a thing?
Criminals are getting smarter and constantly learning ways to get past what used to be viewed
as everything-proof security. The ones creating malware these days are just as brilliant as your
security solution experts; they have simply chosen the dark side of IT. It’s definitely a scary
thought, which is exactly why you need to equip yourself with as much security and protection
as is available to you.

Try to think of it this way: your IT provider in many ways is to your network system what
your doctor is to you. You visit your doctor when you are ill and come up with a solution for how
you will recover; what kind of treatment you will be needing. Most people also have regular
checkups with their physician even when they feel healthy just to ensure that everything is going
smoothly. Your doctor offers many preventative solutions as well, such as vitamins, diet,
exercise, and vaccinations. Your doctor is the expert, and yet even when following directions,
you still occasionally catch something. There are two aspects that your doctor cannot control
that can cause you to become ill: the environment and your actions. We all know that you have
minimal control over the environment; more importantly, your doctor can make
recommendations over and over yet without proper execution you are at a higher risk. Be it the
flu, a cold, a hereditary illness, etc. Try to think of your IT provider in the same way. Your
systems are monitored, updates are constantly implemented, and they protect you to the best of
their abilities. Your IT providers are the experts, but sometimes there are attacks that have
evolved; brilliant culprits who have figured out how to get past even the most up-to-date security
settings. And without proper security training, your staff may be your biggest risk factor for
allowing these infections to occur. Undoubtedly, a solution to fight and/or prevent these attacks
will be found quickly in most cases; that doesn’t mean that you may not be vulnerable. Like your
body to illnesses, there is always something out there that will present as a threat to your
system.

If your IT provider doesn’t have all the answers, then what are you to do? The reality is
that nobody truly has all of the answers; and probably never will. The best strategy is to plan for
the worst and have steps in place to limit the negative impact. We can stay up to date in every
way possible, follow every IT security blog, and do everything in our power to stay updated and
ahead of the game on the latest attacks. The problem is that much like real-life illnesses,
ransomware is changing and evolving rapidly. When new ones begin to attack, there may not be
a set solution for neither prevention nor destruction, other than wiping your system and restoring
from a backup. However, below is WAMS’s prescription on the many ways that you can prevent
yourself from future attacks.

1. Stay updated.
Work with an IT provider that keeps you in the know on the latest updates
regarding major attacks and security breaches. For instance, WAMS posts vital information
on social media, to blogs, and sends out a WAMS Warning email any time there is a culprit
on the rise or a security issue coming forward.

2. Work with an IT provider that you know you can trust.
Why is this so important? Your
provider will make recommendations based on your system’s needs. You need to feel
excellent about the recommendations you receive from your provider, and more importantly,
be 110% confident that it is in your best interest to implement those recommendations if you
want your best chance at avoiding ransomware attacks.

3. Know that you are compliant
with all necessary data security obligations. It is important to
know that you are HIPAA, SEC, FERPA, FTC, and ITAR compliant in your security and data
storage. You also may be subject to the Payment Card Industry Data Security Standards as
well.

4. Have redundant backups in place.
We truly cannot stress enough to you just how
important this is. If you do not have a redundant backup system in place and you are hit with
ransomware, you cannot retrieve your data unless you pay for the decryption key. The
number one problem with ransomware is that no matter how hard even the most brilliant of
IT providers try, decrypting ransomware without a key is completely unheard of. We’d like to
wave our magic wands and rid you of these nasty infections, but that’s not an industry
possibility… yet.

5. Email security. At WAMS, we implement Mimecast’s solutions not only for our clients but
internally as well because we know that we are protected from multiple different types of
attacks. Our solutions provide security, archiving, continuity, malicious Url defense,
attachment sandboxing, data leak prevention, and email encryption.

6. Mandatory security training
for your staff. We can’t control everything out there affecting
your network, but we can provide your team with security training and assist you in putting
together policies that will keep your network safe.

We can’t stress enough to you that this “prescription” is a list of steps for your best shot
at protecting yourself and avoiding future hits. Never underestimate the power that you give
criminals when you do not take the necessary precautions and allow yourself to be vulnerable. It
is vital that you are just as careful about the health of your network as you are about your own
health. Let your IT provider be your network doctor, and allow them to keep your system healthy.