Practice Management

A layered approach can help ensure that if one line of defense fails, another will provide protection

By Leah Golob |

 

Ransomware is a type of malicious software that can infiltrate your computer system and "kidnap" your files, keeping them encrypted until you pay a fee to the culprits.

Smaller firms such as financial advisory practices are often more at risk for a ransomware attack than large financial institutions, says Adam Thorn, president of Tech U Can Use (TUCU) in Toronto.

"Small, independent firms often hold the misconception that they are too small for a hacker to bother with and that they'll fly under the radar of this type of infection, so they don't invest in computer security," Thorn says.

In most cases, however, ransomware infections are not targeted to a particular firm. Instead, they work as a "dragnet," sweeping the internet and email accounts in an effort find victims.

"They'll often come in as spam with a link to a download that has a ransomware payload," Thorn says.

Once a computer is infected, ransomware will encrypt Microsoft Office documents, photos, videos and PDF files, making them irretrievable without a decryption key. The key is often held for a ransom of $300-$500 if the attack is untargeted, and $10,000 or more for attacks aimed at larger businesses, such as financial institutions and health-care organizations. 

To ensure your business is protected from ransomware, Thorn says, think in layers when setting up precautions. That way, if one measure of defense fails, another can still provide protection.

> Use online backup software
Don't rely on an external hard drive as your only backup in case your files become encrypted. It's an ineffective solution because ransomware can also encrypt those files, Thorn says.

Instead, you should use an online or cloud-based backup system. Most online backup software has a revision control feature,  which will automatically back up your documents each time files are updated.

"At worst," Thorn says, "you may need to restore your files to a point before the infection took hold."

Thorn recommends online backup providers such as Carbonite, from Boston-based Carbonite Inc., or Mozy, from Utah-based Mozy Corp.

> Subscribe to a UTM firewall
A firewall will create a barrier between a trusted internal network and an unknown outside network. A unified thread management (UTM) firewall is good for protecting a small network from most types of infections, including ransomware strains. Many UTM firewall manufacturers provide devices for smaller networks, Thorn says.

For example, Campbell, Calif.-based Barracuda Networks Inc. and San Jose, Calif.-based SonicWALL each have devices designed for small offices, he adds.

It's also a good idea to install antivirus software to provide another layer of protection in case anything gets past your UTM.

> Remove administrative user profiles
Computers typically come with an administrative user profile so that you can install software after purchasing.

"Once setup is complete," Thorn says, "you should create a second standard user profile for day-to-day work.

"This limits the ability to make operating system changes or install software — two common actions attempted by ransomware and other viruses," Thorn says. "Disabling these controls helps to limit risk."

You can switch back to the administrative user profile if you need to upgrade your operating system or install new software.

Photo copyright: madrolly/123RF

 

Related Content