Do This To Avoid Ransomware: Best Protection And Recovery

Brian Lee
6 min read · Dec 9, 2021

Lately, I frequently come across articles saying that ransomware is getting out of control. Either this is really highly optimized SEO content or the situation is serious. Somehow the companies I’ve been involved with managed to avoid ransomware attacks. However, I understand that it is simply a matter of time. With the ransoms reaching millions of dollars and total ransomware damage of $20 billion, pretty much any business is at risk. Have you experienced ransomware attacks yet? If so, do you have any tips on how to minimize the damage?

Anyways, I’m rather an optimist, but I think there are still ways to protect your data. Of course, it requires a lot of effort, a knowledgeable team, and a decent financial investment on top. But when it comes to ransomware protection, the only way to avoid an attack is to build a strategy that covers any possible gap you, your team, and that guy on the internet can imagine.

In this blog post, I decided to cover five crucial tools for your anti-ransomware strategy:

  • Backup and recovery (NAKIVO Backup & Replication)
  • Endpoint security (Kaspersky Endpoint Security for Business)
  • Endpoint detection and response (Singularity Platform)
  • Network firewall (Sophos Firewall)
  • Email protection (Avanan)

1. Best Ransomware File Backup & Recovery (NAKIVO Backup & Replication)

We can all agree that preventive measures are integral for ransomware protection, but they will fail sooner or later. Unfortunately, that is simply the truth, even though we would like it to be different. That’s why a reliable backup and recovery solution is a fundamental part of my anti-ransomware strategy.

I always wanted to be sure that my critical data was protected and (almost) instantly recoverable. Downtime costs a lot, for some companies, even too much. And if we talk about data loss, it doesn’t just cost money. It can lead to litigation and severe reputational damage.

So, I always start with selecting a backup solution. One of my latest discoveries is NAKIVO Backup & Replication. It offers incremental backup, granular recovery, and ransomware protection, and the price is one of the most affordable on the market. I first downloaded a Free Trial and was genuinely surprised by how powerful this solution is. As for ransomware protection, I started using it to create immutable backups. Plus, NAKIVO Backup & Replication allows easy backup testing without interrupting the main business processes.

Dashboard of NAKIVO Backup & Replication.

2. Best Endpoint Security (Kaspersky Endpoint Security for Business)

The first thing that comes to mind in terms of security is an antivirus. Obviously, it is a crucial part of malware protection. However, with time, I understood that simply adding an antivirus to an anti-ransomware strategy isn’t enough. What you need is to protect the whole network. One of the weakest points in any network security is the endpoints, as most breaches originate from them. And the worst thing is that it only takes one device to infect your whole network.

Bring your own device (BYOD) is a common work practice today. It offers several benefits for companies, but having millions of devices out there makes it significantly more complicated to protect a network. However, nothing is impossible. Start by keeping track of your devices. In other words, you have to know who uses what. Next, educate your employees to use complex passwords, download security patches, and never neglect updates.

As for the best endpoint security tool, I’ve been using Kaspersky Endpoint Security for Business. It monitors threats in real time, and it works in the background without interfering with work processes. It is a reliable antivirus that I trust and use not only for desktops and laptops but also for tablets and smartphones. Alternatively, I’ve also used Symantec and McAfee.

Interface of Kaspersky Endpoint Security for Business.

3. Best Endpoint Detection and Response (Singularity Platform)

An additional way to secure your endpoints and, as a result, the whole network is endpoint detection and response (EDR). This tool uses several data analytics techniques to localize, track, and block suspicious system activity. A good EDR solution has to include the following functions:

  • Detect security threats
  • Restrain the threat at the endpoint
  • Investigate security threats
  • Offer remediation guidance

EDR is especially helpful when hackers use automated solutions during their attacks as it recognizes any suspicious behavior right in time to react. My personal choice for an endpoint detection and response solution is Singularity Platform. The interface is easily understandable and highly functional, and their support team is rather helpful if anything goes wrong.

Requests tab in Singularity Platform.

4. Best Network Firewall (Sophos Firewall)

I often hear people doubt the necessity of using a firewall, especially when they already have a reliable antivirus in place. It might be the case, but firewalls and antivirus aren’t interchangeable for the most part.

When you have antivirus software, your digital property is still open to malware. At the same time, a firewall stops the vast majority of the threats right at the entrance. And if some still leak in through a USB stick, for instance, an antivirus will catch them. This is a great example of teamwork. So don’t neglect using either firewalls or antivirus. Their combination is what protects your environment the most.

For myself, I’ve discovered Sophos Firewall. It doesn’t require any learning curve, unlike most firewall tools. In addition, the pricing is one of the most competitive. If you are looking for something more advanced, you can try FortiGate: Next Generation Firewall (NGFW) or PA-Series.

The interface of Sophos Firewall

5. Best Email Protection (Avanan)

Phishing emails are one of the most popular ways to spread malicious software, including ransomware. That’s why you have to think of including this point in your security strategy. Before you acquire any specialized tool, start by educating your team. Ensure that your colleagues are aware of the potential risk of opening links and attachments from unknown senders.

After spreading the knowledge, choose a tool that suits you the best. I would recommend Avanan, as it is an easy-to-use and fast-to-deploy solution that does what it’s supposed to do. We were able to significantly reduce the number of phishing emails, and the overall experience was smooth.

Interface of Avanan.

Conclusion

So, that’s been my experience in fighting potential ransomware threats. I would be glad to hear from you. Are there any other preventive measures you use in your environment? Please share in the comments. I guess it will be helpful for many of us trying to fight the inevitable. Or is it that inevitable? I will leave this question unanswered.

Last but not least, for those of you who made it here: if you want to get an evaluation of your ransomware protection strategy, you can try this ransomware simulator and get an idea of how protected your environment is. RanSim offers ten types of ransomware attack simulations. Obviously, even a high score is
