Best Practices to Prevent Ransomware
With the alarming regularity of ransomware, it is vital for agencies and businesses to implement and follow standard cybersecurity practices to prohibit these attacks from taking place.
Implementation and standardization of these practices begins with the basics, including the use of encryption, multifactor authentication and data backups. While these practices may seem obvious, consistent implementation can help prevent many attacks —ransomware and more.
Beyond this, public and private sector organizations alike must do a better job educating and informing users of their role in combating ransomware and other cyberthreats. The challenge has only been heightened by the increase in remote work and the resulting data mingling that’s become more common. Such mingling occurs when remote workers access data from their organizations on personal devices or complete personal tasks on their work laptops, both of which pose a major threat.
Agency employees’ use of personal devices for government work can create an easy pathway for cybercriminals to access mission-critical data. Employees must understand their role in protecting an organization’s data, whether they’re in an office or not.
Agencies Should Adopt the 3-2-1-1-0 Rule
Regardless of good employee education and cybersecurity practices, the risk of ransomware remains. For this reason, sustainable data protection and backup strategies are key. These strategies should be strictly followed and easy to remember.
One of the most straightforward strategies recommended for organizations is the 3-2-1-1-0 rule. Each number represents a different backup policy, and the use of this strategy can prepare organizations to recover if they’re hit by ransomware.
Using this strategy, a minimum of three copies of data should always be maintained. Keep in mind that’s a minimum of three; many agencies keep four or five copies of mission-critical data. These three copies should be stored on two different types of media.
It is recommended that one copy be stored offsite and that one copy is immutable or stored offline. These copies are important, as they ensure that even if a threat is prolonged or affects more than one building, there will still be both offsite and reliable air-gapped copies of the data.
The final number in the equation, the zero, represents that there should be zero surprises if a cybersecurity event were to occur. If an organization follows a strategy like the one defined here, it should ensure the recoverability of its data.
As ransomware attacks become more common, federal agencies must adopt best practices with modern data protection, including the right backup strategies and solutions. The sophistication of today’s attacks has made it necessary for organizations to utilize programs that can protect their physical, virtual and cloud data. These programs can help ensure that an organization’s data is protected in real time and can be quickly recovered in the event of a data breach.
Applying and reassessing these practices and strategies with updated agency guidance can help ensure that mission-critical data is continuously protected.