Ransomware is malware that encrypts your data, deletes the original files and demands a payment to unencrypt the data. It can be expensive, in terms of time and money, to recover from a ransomware attack.
Here are four steps to protect your royalty software data from ransomware.
Step 1. Backup your data
Your royalty software data files should be backed up to online and offline locations. Ransomware cannot delete or encrypt backup files if it cannot access them.
An online location is provided by your online backup service. Many online backup services will store 90 days of file versions. Carbonite Safe Backup keeps old versions of your changed files for up to three months. It keeps one daily version of the file for each day of the past week, one weekly version for each of the previous three weeks, and one monthly version for each of the previous two months that the file has been backed up. Carbonite will also keep at least the three most recent versions of a file regardless of age.
Offline locations are USB drives that are not connected to your network. Each month your data is saved to a separate drive. It is best practice to keep three monthly backups and one annual backup of your royalty data file. This requires four USB drives.
- Example: Dec (annual), April, May, June / Dec (annual), May, June, July / Dec (annual), June, July, August
Step 2. Install internet security software
Internet security software aims to stop ransomware (aka malware) before it can cause damage. Here at Kensai International we run Norton Internet Security, Malwarebytes and Check Point’s ZoneAlarm Anti-Ransomware alongside each other. We have clients that use Symantec Endpoint Protection, Sophos Endpoint Protection, or Cisco’s Meraki MX with an Advanced Security license for internet security.
Step 3. Turn on Automatic Updates
In March of 2018, several computers at Boeing were infected by the WannaCry ransomware. In March 2017 Microsoft released a Windows update patch to stop this specific ransomware; however, Boeing had several computers that were not updated.
You can activate automatic updates from the Windows 10 Settings > Update & Security > Windows Update menu.
Step 4. Run Windows 10 on all Microsoft Windows computers
Microsoft Windows workstations should be running the Windows 10 operating system. Windows 10 is more secure than prior versions. Prior versions are less resistant to malware and may not receive security updates for new threats.
For Larger Organizations
In addition to the steps listed above, here are a few malware protection steps that larger organizations often implement.
- Install enterprise level anti-ransomware software.
- Implement two factor authentication to restrict user access to specified folders. Two factor authentication requires something that you know; a password, and something that you own; a cell phone is one example, that receives an access code, to enable access.
- Limit user access to shared drives and folders. Ransomware can only encrypt files that a user has access to. Kensai International recommends that only employees with a need to access royalty information have access to the royalty data folders. Some organizations store royalty data and royalty contract PDFs on a dedicated server. Two factor authentication is required to access information stored on this server.
- Configure the application control policy to whitelist only approved applications and blacklist everything else. Only approved applications can run. If ransomware is encountered, it cannot run. Application control policy tools are available from vendors and from within Windows 10. The Windows 10 Enterprise Applocker application (Group policy editor > Computer configuration > Policies > Windows settings > Security settings > Application control policies > Applocker) allows users to whitelist apps. The McAfee Application Control software is a more user friendly application control app.
- Disable auto-play and auto-run on all workstations.
- Hardware firewalls. Deploy cloud managed security appliances with security software licenses to offices (Example: Meraki MX65W) and remote workers (example: Meraki Z3).