Blog

4 inexpensive ways to help minimise the risk of ransomware in your business

If you think you won't be a victim to ransomware then you might as well think your going to live 'till 117….

computer criminal.png

In light of the recent massive ransomware attacks it's time to start acting strategically. Think like it's going to hit you, it's just a matter of time…. So how are you going to prepare your business for it?

ABC News: UK working to restore systems after 'unprecedented' global cyberattack. http://google.com/newsstand/s/CBIwqYSQ8zQ
Smart Company: Aussie SMEs urged to update their systems after huge “WannaCry” ransomware attack. http://www.smartcompany.com.au/technology/huge-ransomware-attack-could-be-seen-down-under-as-australian-businesses-advised-to-update-their-systems

How can a small business prepare for this with a limited or no budget?

It's not as hard as you think. I'm going to give you 4 inexpensive methods you can use (combined or separately​) to help you reduce the likelihood of being affected by ransomware.

1. Use Gmail

Ahh Gmail. It's free for those who can't afford the $5/month to have a professional email linked to your domain name but it's also the best SPAM protection for any business stopping 99.9% of SPAM messages!

Using the power of their massive neural network infrastructure and cutting edge machine learning plus they have dedicated security, data scientists and monitoring teams providing round the clock updates it’s the best near-free front-line protection. They are also great at being proactive against threats and super fast when they need to be reactive.

Don’t want to use the Gmail client?

If you don't want to use their web based Gmail client, no problems. You can connect to Gmail via most other clients such as Outlook or Thunderbird.

Already have an on-premise solution?

If you already have an on-premise email solution you can still benefit from Google's mighty power! ….sorry couldn't help myself…. :)

You can route your email traffic through the Gmail infrastructure first, allow their technology to filter your good email from the bad, then forward onto your internal Exchange or email network.  This is called an Inbound mail gateway.

Think about it…. does your current email protection solution cost you more than $50/user/year?  Or is that a price worth paying to minimise the risk (plus all the benefits)?

If so I'd start investigating this new setup pronto or ask us to help you!

Already have G Suite in your business?

Then you’re already miles ahead of most SMEs and you can rest a little easier at night.

2. Off-Site backups

Off-Site backups are usually an afterthought or painful to restore.

With a G Suite domain you still need an off-Site backup. Why?

Because the most cloud storage solutions use the Trash bin restore feature which isn’t a backup, it’s there in case you made a mistake deleting files. If all your files were to be gone, you need a recent backup to restore from.

Here’s a scenario: If your Windows PC was infected by clicking on the ransomware file in an email (and you weren’t using Gmail or a Chromebook) and you PC was encrypted, your Google Drive sync location would also be encrypted and those files copied up to your Google Drive and overwrite everything. Ruining your Google drive files forever.

That is how ransomware works, nothing you can do about that.

But having regular incremental or point-in-time backup of your files to restore in such an event mitigates the risk of being infected and is essential for every business.

If for some reason your files were encrypted, you could restore from yesterday's backup severely minimising the impact on data loss and at $3/user/month it’s a hell of a lot cheaper than the $$$ ransom required to [maybe] get your data back…. Paying the ransom is not guaranteed… these are criminals remember.

CloudAlly Logo.png

We use, recommend and partner with CloudAlly for our and clients off-site G Suite backups. All backup services are fairly similar but we chose them as they run on Amazon's Web Services network and have an Australian datacenter for fast backups, restore and compliance.

3. Get a pro-active management service

Having a proactive support team that is easily contactactable is important too. Are they talking to your staff about an action plan should you be affected? Are they reacting to the events occurring in this space?

If you click on something suspicious you need to act fast to minimise the impact.

We offer a managed concierge service for as little as $147/month for your whole team. This includes priority support channels and and a Chrome extension to ensure you have every way to contact support in a crisis.

4. Use Chromebooks and Chromeboxes for general use and Windows or Mac computers for heavy lifting (not email)

There's only one reason this is last, it's harder to replace your your fleet of computers. Otherwise it would be almost first.

File:Chromebox.jpg - Wikimedia Commons

Chrome OS devices aren't completely immune to vulnerabilities but they are designed from the ground up to be lightweight in features (so less attack vectors) and secure.

This makes them far less likely to be targeted than your Windows PC, besides there’s no way to install the ransomware software that is used to start encrypting your computer! And if you are hit, a simple reset of your browser settings or power wash (complete wipe and reset) and you're back up in under 5 mins!

I buy all my Chromebooks off eBay and I don't spend over $500 for one….usually about $200/device. You could almost deck out your fleet for the same price as a new Windows 10 computer….. don't forget the added support costs for Windows on top of that….

Side note: If you do run Windows, please... oh please... never use it with Administrative privileges .... ever! Always have two accounts, one standard user (which you use all the time) and an Administrator account (for ease you can make it the same password as your standard) which you always use to elevate your rights to install.

This will stop 90% of all attacks.... in almost every case the malware has to install something.... if you use the above setup you will ALWAYS be prompted to allow it to install XXX random software when you open you email attachment.... deny it and your safe. How to set this up here

If that all sounds too complicated, come and join me on the Chromebox/book wagon.... we sippin' Pina Coladas while everyone else is patchin dem Windows PCs... :)

back to blogs

join our #slack community

Get the most out of your G Suite subscription with regular tips 'n' tricks, how to's and access our support team for questions you need answers for.

It might take some time for us to process and send you an invite so please be patient.

Thank you! We'll process your request and send the invite shortly.
Oops! Something went wrong while submitting the form