screenshot-2016-10-28-16-50-33What is ransomware? Like the digital version of a Liam Neeson film, it’s a category of malevolent software designed to hijack use of a computer or device until some amount of currency or value is paid to the perpetrator. The hijacking typically manifests itself as encrypted files, making them inaccessible.

Dealing with ransomware is expensive, particularly for businesses. In addition to the financial cost of paying the demanded ransom, if left with no other option, other costs can include:

  • Organizational: Businesses experience disruption in multiple ways. They may have to quarantine or shut down systems to deal with the infection, even systems not directly infected. As a result, customer-facing operations may be negatively impacted.
  • Data: If a business cannot recover encrypted data, files, etc. via uninfected backup, or if ransom is paid and the decryption process fails, that data is lost. This loss of data can be a huge detriment. Types of data that could be lost include intellectual property, regulatory and tax records and filings, customers’ personal identifiable information, and company records, among others.
  • Financial: In addition to any ransom paid, if customer-facing operations are impacted, revenues could suffer, both short and long-term. In addition, there’s potential for liability in case of customer impact from customers, and if the business is in a regulated industry, from regulators.

What can you do to help avoid ransomware? An ounce of prevention is worth a pound of cure. Here are five ways to protect your business from this scourge:

1. Backup

Be sure to routinely backup the files on every business computer. This can’t be emphasized enough. The longer your backup history, the better. Backups also help protect against losing data due to damaged equipment and natural disasters. There are many automated tools available these days that make backing up files simple and effortless.

In addition, don’t skimp on your backup media. If you use tapes or cartridges for backup, don’t overwrite them with new data every few days. If by being economical you only have a few days’ of backup on your media, that still exposes you to sophisticated attacks that intentionally delay for a period of time. As an initial plan, we suggest two weeks’ worth of unique backup media.

For our IBM i customers, we suggest not mapping a network drive to the root of the IFS with regard to backup. Also, make sure you only create File Shares to the IBM i with access level *R (read only) whenever possible. If you create a File Share with access level *RW (read/write), you should use the capabilities of the IBM i built-in security to allow only Read access by default and control who specifically has write access.

DPS can provide assistance in setting up File Shares on your IBM i as well as controlling access to the referenced directories using IBM i security. We can also show you how to backup your PC data to your IBM i system, where it will be saved to media as part of your regular nightly backups.

2. Email

Don’t open email attachments from unknown sources. Also, avoid email attachments from known sources if the message itself seems unusual or odd. When in doubt – don’t do it!

3. Social Media

Don’t click on web links in social media posts from unknown or suspicious sources.

4. Ad Blocker

Blocking ads on your web browsers not only can help protect your computers, but can also improve the browsing experience – a win-win!

5. Business Only

Consider stronger policies regarding internet use on business computers to limit exposure to unsafe content.

At DPS, a Premier IBM Business Partner, we specialize in solutions that run on the IBM i operating system and IBM Power Systems architecture, as well as other offerings such as programming services.