4 Critical Steps to Lower Your Organization’s Ransomware Risk

December 14, 2021

The still-evolving pandemic has necessitated many changes in the workplace, chief among them being the move to remote work, aka work from home (WFH). WFH has become a permanent part of many businesses due to the range of benefits it offers – reduced overhead and travel expenses for employers, and more flexibility and work-life balance for employees.

But this move also presents more threats to the security of your business than you might think. Employees working from home (and other locations) and using a wide variety of devices require businesses to revisit their IT security practices and set-ups, especially for those not used to remote work. Otherwise, your business could be risking an exorbitantly expensive ransomware attack. Palo Alto Networks recently reported that the average ransomware payment has climbed 82 percent since 2020, to a record $570,000 in the first half of 2021.

Also consider these chilling facts from our recent survey among IT decision makers in Europe:

  • 48 percent have had a security breach within their organization’s IT in the past two years.
  • One in six companies has experienced a severe ransomware incident during that same time-frame.
  • Of those polled, 37 percent attribute a virus, malware or general security threat specifically to the COVID-19 pandemic situation.
  • According to the cybersecurity firm SonicWall, ransomware attacks rose by 62 percent worldwide and by 158 percent in North America alone.
  • The FBI received nearly 2,500 ransomware complaints in 2020, up about 20 percent from 2019, according to its annual Internet Crime Report.

The good news is that you can build on your existing protocols and solutions to achieve a higher level of security in the WFH era. So if you haven’t done so already, it’s time to revisit your IT security set-up, especially if remote work is a key part of your network. Here are four ways to reduce your organization’s risk of a ransomware attack and other security threats:

1: Endpoint security – protect your network from threats entering in the first place

Securing your organization’s IT is the first line of defense. After all, any threat you can block is a bullet dodged. While many organizations have already ramped up security to protect their computers, servers and mobile devices, other endpoint devices, such as printers, are frequently left unprotected. Yet, these can be used as an entry point for hackers. A skilled hacker can exploit security vulnerability in a connected device and expose an entire network to data theft or disrupt business processes, causing significant costs with a targeted ransomware attack.

To protect our customers, Konica Minolta puts its products through rigorous internal cybersecurity tests and ensures they meet PCI, HIPAA, FERPA and GDPR compliance requirements. The company further protects its bizhub i-Series multi-function printer (MFP) clients by providing a Bitdefender Antivirus i-Option, which scans incoming and outgoing data in real time for infected data. As an example, if print jobs are infected, Bitdefender deletes them.

In addition, the bizhub i-Series can be equipped with bizhub SECURE, a special offering for MFPs that allows for different security levels to be set, to ensure the security of office devices and protect device memory and network settings. A notifier app also warns the responsible project owner when settings are changed.

2: Phishing – make sure the hackers don’t get inside

Ransomware depends on social engineering to succeed. According to Secureworks, half of all internet users receive at least one phishing email per day – and 4 percent of the recipients click on them. Secureworks also found that phishing attacks are up by an astounding 667 percent since early 2020.

Once inside a network, hackers can completely mirror the emails of legitimate internal users – then all that needs to happen for ransomware to be deployed is one user who clicks on the link in the infected message.

While securing endpoints is the first line of defense against these types of attacks, your employees represent the last line of defense when it comes to security. All Covered’s Managed Security Awareness Training reduces your chances for data loss, malware infections and any potential cyber threat by educating your employees and helping to create a human firewall. Benefits of the program also include increased user productivity, because users are confident in their education against these potential threats, in turn streamlining their everyday work.

3: Unsanctioned apps – they’re popular but dangerous

The new world of remote work is full of smart end users who are bound to think they have better tools than those of your IT department. Sometimes a tool can go viral and become the app-of-choice before IT can stop it – or even become aware of its existence.

Though your users may see these as smart and cool new solutions that help them be more productive while working remotely, they’re dangerous to your data security and can become the source of network breaches. How? The provider of the app may have inferior or dated security standards that have been breached. In fact, downloading an infected app is the most common way for Android devices to become infected. Even worse? The prospect of Ransomware 2.0 that infects cloud software-as-a-service providers.

4: Recovery readiness – it’s your best defense in a disaster

Given that last year 50 percent of businesses experienced unforeseen interruptions and of those, 81 percent resulted in business closures of a day or longer, the necessity of a data backup and recovery plan is obvious. The right disaster recovery (DR) plan – one that’s specifically designed for your organization and thoroughly tested – can be the single most important way to make sure your thriving business survives a catastrophic loss of your critical systems.

And while you could develop a DR plan on your own, the best and most cost-effective approach for a small or medium-size business is to work with a solutions provider. These companies have proven track records when it comes to building, managing and testing DR plans for businesses like yours.

At Konica Minolta and All Covered, we specialize in helping our customers develop, deploy and test solid, customized strategies to keep their data – and their businesses – safer in this new era of remote work. Learn more online.

Todd Croteau
President, All Covered