Even with good anti-virus and regular patching of your PCs there is still the chance that someone in your company will open the wrong mail attachment, or allow the wrong popup in their browser, and files across the network start becoming unreadable. A message appears and tells you they are encrypted and a small fee will allow them to be unlocked. Your business is been blackmailed by ransomware.
The headlines about ransomware may have gone for now, but the problem hasn’t. The scale of the problem is growing, with each new generation of attack becoming more sophisticated and harder to block. It is even possible for criminals to purchase a ransomware kit, with all of the infected emails, servers, and management environment, virtualised in some data centre somewhere for a few bitcoins.
But as always with technology, the increase in capability that helps the attacker also helps the victim. In this case the massive amount of cheap computing power and storage available to everyone, often referred to as ‘the cloud’, is the answer. With ransomware the cloud really comes in to its own as a place that a small business can go to for reliability, scalability, and security.
If there is one thing that small companies never get right, it’s backups. Sometimes data is just copied round the network, which protects against a drive failure, but not from a fire that destroys the building, or from a corrupt file, that just gets copied over all the good copies.
If you have many sites, then replicating across them can indeed protect against the loss of premises, but retains the issue that bad data will be spread across the different sites automatically, and before you know it the original precious file is gone.
Historical backups, the daily tape, is the obvious way of stopping a corruption, deletion, or malicious action that happened today from permanently destroying all the valuable information. But even here multiple issues lurk. The tapes and the drives are expensive, and as bigger and bigger hard drives become standard, the cost of archiving them to tape increases. Then there is the need for someone to swap the tape every day, and confusion over incremental and differential backups, and the habit of backing up absolutely everything whether it needs to be or not. In a company without a dedicated IT team I have never seen it work properly.
Another way to backup is to use one of the various online file repositories such as pCloud, Dropbox, or OneDrive. All of these providers has a business grade service that allows a group of users to share files, and control permissions, just like on the old file server in the corner, but with the advantage that the files are available everywhere.
The other advantage of a cloud based backup, is that unlike a small companies, these services are billion dollar multinationals with the highest grade of data centre, and huge capacities regarding file backup and security.
And that is the real advantage, especially in the context of ransomware.
Many of these providers have a roll back, or historical feature. Given the enormous amount of capacity that they have, it is possible for them to hold old versions of files, so if one day, all your data is locked away by a criminally motivated software worm, you can just have those files replaced with the ones from yesterday, when everything was working fine, once your own systems have been cleaned of course, or you’ll just re-infect it all.
In the recent past cloud storage was seen with an air of mistrust, as if sending files outside the company network would doom us all, but now there is no good reason why it is not part of every businesses architecture.