Posts Tagged ‘IT Disaster Recovery Plan’

Could Your Company Be Ransomware’s Next Victim?

Wednesday, July 8th, 2015
Preempt A Crisis - Rea & Associates - Ohio CPA Firm

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

The malware known as CryptoLocker or CryptoWall continues to be a major concern for individuals and companies alike. So much so, that the FBI saw fit to issue a warning just last month and help raise further awareness about the threat.

According to the FBI, this Ransomware continues to evolve, which helps it avoid user’s virus detection software applications – even if they are current. Since April 2014, reported the FBI, there have been 992 incidents of CryptoLocker reported. These occurrences have resulted in the loss of around $18 million.

Read Also: How Much Is Your Data Worth To Criminals?

The Threat Is Real

Ransomware is a computer infection that’s been programmed to encrypt all files of known file types on your local computer and your server’s shared drives. Once it takes hold, it’s all but impossible for you to regain access to the data that’s been infected. Once this happens, you have one of two choices. You can:

  1. Restore their machine by using backup media, or
  2. Accommodate the hacker’s demands and pay up.

As a direct result of my experience as an IT audit manager, I have been made aware of several situations in which businesses were left with no choice but to succumb to the demands of malicious cybercriminals carrying out Ransomware attacks. And while the companies I have worked with were finally able to obtain their assailant’s encryption key code to unencrypt and regain access to their data after the ransom was paid, others are not as lucky – after all, the FBI has reported $18 million worth of losses in just over a year. Furthermore, there are no guarantees that you won’t be targeted again in the future.

Preempt A Crisis

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

  • Implement mandatory computer safety training for all employees and implement and test an IT Disaster Recovery Plan in place.
  • Always use reputable antivirus software and a firewall and be sure to keep both up to date.
  • Put your popup blockers to good use. Doing so will help remove the temptation to click on an ad that could infect your computer.
  • Limit access to company’s data by ensuring that only a few employees have access to certain folders and data. You can facilitate this type of action by conducting annual reviews of your company’s employee access rights.
  • Backup all company-owned content. Then if you do become infected, instead of paying the ransom, you can simply have the Ransomware wiped from your system and then reinstall your files once it’s safe again to do so.
  • Never click on suspicious emails or attachments, especially if they come from an email address you don’t recognize. And actively avoid websites that raise suspicion.

Shut Down The Attack

If you are surfing the Web and a popup ad or message appears to alert you that a Ransomware attack is in progress, disconnect from the Internet immediately. Breaking the connection between the hacker and your data could help stop the spread of additional infections or data losses. In addition to informing your company’s IT department about the threat or occurrence, be sure to file a complaint with your local law enforcement agency.

Email Rea & Associates to learn more about the importance of your company’s online security.

By Brian Garland, CPA (Dublin office)

 

Related Articles

Beware Of The Small Business Wire Transfer Scam
Could A Cyber-Attack Cripple Your Business In 2015?
8 Tips For Crafting A Strong Password

Share Button

How Prepared Is Your Business For A Potential IT Disaster?

Tuesday, September 9th, 2014

Natural disasters. Hardware meltdowns. New variants of viruses and malware. Unfortunately, we live in a day and age where anything can happen. It’s critical that your business is on its toes, ready to tackle any potential disaster or crisis that may come your way. But is it? If your business’s computer systems crashed tomorrow, how easy (or even possible) would it be for your business to recover? Has your business ever given thought to a disaster recovery (DR) plan? Do you have one of these plans?

It’s National Preparedness Month. A month where government agencies and businesses alike work to educate companies and organizations about the importance of being prepared whatever may come your business’s way. In honor of this month, below are five reasons why your business should create (if you don’t have one) a disaster recovery plan

Top 5 Reasons For A IT Disaster Recovery Plan

A Gartner report estimates that only 35 percent of small- to medium-sized businesses (SMBs) actually have a working and comprehensive DR plan. And from its research, Gartner also found that 40 percent of SMBs that manage their networks and Internet usage in-house will have their networks hacked, and more than 50 percent won’t know they were hacked. Pretty sobering statistics, right? There are many reasons why having a DR plan is a wise business move. In fact, here are the top five reasons why a DR plan is imperative to the success of your business:

  1. You can’t control when a disaster happens – it can happen at any time. Disasters can be natural or man-made – either way, you don’t have control over when it could happen. A DR plan will help you be prepared for anything at any time.
  2. A DR plan can help you save thousands, possibly even millions, of dollars in the event of a disaster. When a disaster strikes, it’s usually not a cheap fix. Depending on its severity, many businesses’ budgets are hit quite hard. And if this is an unexpected expense, it’s that much harder to make a complete recovery.
  3. You can mitigate your losses with a DR plan. Money isn’t the only thing at stake during a disaster. Don’t forget about the trust and confidence of your customers, employees, investors, vendors – the list goes on. A DR plan can help you retain your critical audiences during a disaster.
  4. A DR plan can help you reduce confusion among your staff and audiences. When a disaster hits, imagine the confusion and uncertainty that comes with it. In some cases, it may seem like you have no control over the situation. A DR plan can help you have an organized approach to resolving the disaster.
  5. The government may require businesses within your industry to develop and utilize a DR plan. If your business handles sensitive customer information or other information that could be critical if lost, the government may require you to have a formal DR plan, which should include yearly testing of offsite back-up recovery data.

Does your business have a DR plan? If not, you need to create one. Email Rea & Associates for more information about what to include in your plan. If you already have one in place, first pat yourself on the back, and then review it to ensure that it reflects your business’s current environment. Detailed and tested plans are imperative to the successful recovery and even for the longevity of your business.

Author: Brian Garland, CPA (Dublin office)

 

Related Articles

New Form Of Malware Catching Retailers Off Guard

How Do You Protect The Value Of Your Business

What Are Some IT Audit Tips That Can Keep You Off Santa’s Naughty List?

Share Button