Ransomware continues to be one of the biggest dangers to organizations. One infection can shut down operations for days and cost a company hundreds of thousands or millions of dollars.
In 2021, the average recovery cost to a business attacked with ransomware was $1.85 million, and 37% of all organizations globally were hit with ransomware. And it’s not a problem just for servers, computers, and other on-premises devices.
Data stored in cloud services is also susceptible to ransomware infections. Your Dropbox or OneDrive account can easily be infected by an infected computer that’s syncing with the service or directly through password compromise. A hacker that is able to log into a cloud service from a user’s account can then infect the files directly with ransomware if they have the proper permission level.
It’s important that you protect your cloud data storage from ransomware, just as you do data stored in other systems.
Just how prevalent are ransomware attacks in the cloud? Cloud systems are one of the most common targets.
The top ransomware attack vectors are:
- Remote worker endpoint: 36%
- Cloud infrastructure/platform: 35%
- Cloud app (SaaS): 32%
- Trusted third-party: 25%
- DNS: 25%
- Software supply chain vendor: 24%
Do you need some ways to better protect your cloud data? Read on for several smart tactics that you should put in place.
Use Multi-Factor Authentication
One way that ransomware is introduced into cloud storage is through credential compromise. A hacker gains access through the login of a legitimate user and then uploads the infected file, which spreads ransomware rapidly throughout the storage platform.
Protect your account credentials by implementing multi-factor authentication on all cloud accounts. This will keep a ransomware attacker from getting in even if they’ve managed to steal a user password.
Enable Available Ransomware Safeguards in Your Account
One of the newer cloud storage trends we’ve seen is that cloud service providers are introducing ransomware safeguards for files. These include protections that keep files from being altered automatically, which is done by code when ransomware is released. This can also include monitoring capabilities that look for telltale signs of ransomware.
Many of these features will need to be enabled by users and won’t be turned on by default, so make sure you explore any settings like this in your cloud platforms and enable them.
Adopt the Rule of Least Privilege
In several cloud platforms, someone with a general user permission level won’t be able to do things like alter files or add code to a system. It takes an administrative level user to do that.
Reduce your risk that one of these privileged accounts will be breached by adopting the Rule of Least Privilege. This dictates that users should have the lowest possible permission level needed to accomplish their daily tasks. This reduces the number of sensitive administrative accounts your company has.
Log & Monitor File Actions
Monitoring of file changes is paramount to protecting files from being infected with ransomware or lost through accidental rewrite or deletion.
You should ensure your cloud platform has the ability to log changes to files and which user account is making them in real-time. This allows you to set up alerts for suspicious file changes that happen in your account and track down the account that initiated them.
Only Allow An Admin to Delete Files
It’s a good idea for many reasons to restrict the ability to delete a file from your system. This will safeguard your data from ransomware as well as from malicious or accidental deletion.
Look for a setting that will allow you to restrict file deletion to only your administrative users. It’s also a good idea to set up a specific passcode that needs to be entered before a file can be deleted.
Back Up All Cloud Data in a Separate Backup System
While cloud storage can act as a backup for files on your hard drive, it is not the same as having a non-editable backup copy of all your data.
You should back up all cloud data stored in your accounts (Microsoft 365, Google Workspace, Salesforce, QuickBooks Online, etc.) in a third-party backup and recovery tool. You want to use one specifically designed to back up cloud platforms.
Even Microsoft recommends that you do this in its Services Agreement. Under the “Service Availability” section, the agreement states, “We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”
This ensures that you always have a copy of your cloud data available to be restored should your cloud environment suffer a ransomware infection or any other data loss event.
Get Help Securing Your Cloud Data Today!
Don’t leave your cloud data at risk of being wiped out by a ransomware attack. Quantum PC Services can help your Sturgeon Bay area business with a cloud security strategy.
Contact us today to learn more! Call 920-256-1214 or reach us online.