How Cloud Computing Shields SMBs From Ransomware Threats

Cybercrime has only been growing. Since the COVID-19 pandemic, we've seen a 300% increase in cyberattacks. The level of sophistication of the attacks is increasing, and smaller businesses are being targeted more than ever before. More than 50% of all cyberattacks target small businesses, and 60% of those attacked go out of business within six months.

Ransomware, in general, is software that spreads through vulnerabilities and security holes in systems, encrypts data so it's unusable, and then demands a ransom to restore it. These criminals will say they have the encryption key and that they'll give it to victims in exchange for a payment, often of tens of thousands of dollars or more. The FBI does not recommend paying this ransom as it doesn't guarantee that victims will regain their data.

Attackers often use a “phishing” email—a fake email that tries to get a user to click on a link and unknowingly install malware—to infect the employee’s local machine and grant access to your network.

Why do hackers do this? Quite simply, ransomware is a billion-dollar business run by cybercriminals around the world who hold companies and their business data hostage. Global cybercrime is expected to reach $10.5 trillion annually by 2025. Hackers residing in countries that do not cooperate with foreign governments and InterPol have a safe haven to treat hacking as a business model.

Ransomware spreads using known vulnerabilities and security holes. Some of the ways it gets launched in networks are by causing users to open emails or attachments that appear legitimate or by clicking on links and going to fake websites. The ransomware then exploits unpatched or improperly secured systems, encrypting data and spreading it to the next host it can find.

Defending your business from these attacks requires a layered security model that includes:

• A properly configured firewall that restricts traffic to only what is necessary for the business. This includes updating the firewall setting and firmware by a seasoned security professional every 6 months.
• Up-to-date antivirus software must be installed on all client and server machines, preferably with centralized management of signature update deployment on at least a monthly basis.
• All machines should be patched regularly with centralized management, deployment, and reporting at least every three months, if not more often.
• Documented security policies setting out best practices for employees.
• Employees should be educated about preventing phishing email attacks, clicking on spoofed external sites, and downloading software into the enterprise environment.
• Regular offsite backups of your business-critical data allow for a minimal time period of loss.
• Testing the restore operations so that the business is certain that the right data is being backed up correctly.
• Using cloud-based file storage and business software to segregate mission critical data from the local network.

One way to simplify many of these steps is to use software that's hosted on the cloud.

Properly setting up the layered security model above takes skill, time, and expense, both initially and on an ongoing basis. In most cases, the cost can be more than SMBs can afford. Using cloud-based file storage and business applications keeps your data and critical operations locked down outside of your local network, where it is harder for malware to spread.

For example, we maintain a robust cloud environment, deploying some of the best security technology. That technology already hosts over 2,000 customers around the world and has been in operation for more than ten years. Security operations, backups, and failover are performed at secure data centers that house many large servers, networking equipment, and storage arrays. The data centers are managed by professional IT personnel with experience in the cloud environment who dedicate themselves to our software.

We have relationships with our hardware vendors, security consultants, and software providers (Microsoft, for example), whom we can contact at a moment’s notice and receive an immediate response, even on holidays and weekends. These things are not only expensive but also require the scale of operations to be successful.

Through the scale of operations, we can help you reduce the operational risks to your business at a more affordable cost than a stand-alone operation. Ignoring the risks to your business operations in light of today’s challenging security environment is a choice. However, we value your business and want to help you proactively avoid a disaster.

Ransomware is a growing threat, but your SMB doesn’t have to face it alone. Implementing cloud-based solutions strengthens your security and minimizes operational risks. Adopting a proactive approach can protect your data, maintain business continuity, and avoid costly setbacks.

Editor’s Note: This post was originally published on April 25, 2019, and has been revamped and updated for accuracy and comprehensiveness.