by TUCU Managed IT Services in Toronto

Ransomware prevention strategies for small business are no longer optional. Infection rates have increased steadily year over year for multiple years now.

Your server backup on a USB hard drive could cost you $50,000. Your free web hosted email could cost you $25,000.

For years, small business owners have been using seemingly sufficient, free or cheap IT solutions but the real cost is changing. In 2019, cyber crime exploded in Canada. Previously, targets were largely aimed at our neighbors south of the border, but times have changed. Just a few short years ago, ransomware infections targeting small business were few and far between, and ransoms were a few thousand dollars. Last year, we encountered $10,000 ransoms, and this year, $25,000 and $50,000 ransoms targeting small business owners with no IT staff, very few staff altogether, and seemingly too small a target to even bother with. However, if your business was threatened with a total shut down today, and you had no disaster recovery solution in place, what would you pay to keep it going?

As more small business owners get infected and pay ransoms, more cyber criminals get a better return on their investment in exploit kits, and they come harder and braver with more attacks and higher demands.

Let’s take a look at how the common practice of backing your server up to a USB drive can end up costing you in a big way, and what a better alternative would be.


Server Backups That Protect Against Ransomware

Your server is the heart of your business. Especially if you are a dental office or a law firm, using server based software, housing every single patient file or client file there.

You back up your server every day without fail. You use an external hard drive. And then one day, you get a ransomware infection. Your computer screen is locked with a count down timer. You have an unimaginable ransom to pay within 24 hours, or all your files will be gone forever. In essence, it’s pay, or lose your ability to run your business.

Your first thought is that you have a backup, so you will be ok. But you learn your back up drive is also encrypted, and your only recourse is to deal with these cyber criminals.

Even if you pay the ransom, statistics show that cyber criminals don’t return files or decryption keys in approximately 13% of cases.

Even after you pay and recover your files, you need to be sure the threat is gone, and to do that, you have to run multiple cleaning tools or wipe and reinstall your operating systems. This could take days or weeks. The IT services bill will be a few thousand dollars. Add that down time, stress and invoice to the cost of a ransomware infection.

So what would be a better alternative to back up your server data?

Well, for disaster recovery purposes, it is strongly recommended you have both 1 on site and 1 off site data backup.

The offsite backup should be a cloud backup that doesn’t connect to your network, and would remain untouched in the event of a virus, but also not susceptible in the case of fire, flood or theft. It should also have revision control, meaning even if one set of files is corrupted, the previous revision could be reverted too.

The on site backup should be removed from the network. Even if you have redundant drives put in your server, with mirror copies of all your data, one or both of those drives can die anytime, without warning.

Be safe and ensure you have a cloud-based server backup, with revision control, that is tested weekly or monthly, and you are 100% certain you can restore from.

If you have a server, and are backing up to an external hard drive on your own, chances are good you are also managing the server yourself. You probably have a team or family member who knows a few things about technology and is helping you with it, or you Google things when you have a problem. This is high risk IT management. You simply aren’t aware of what you are missing.  If you are not ready to hand over your entire network to experts, at the very least, consider having your server and backup managed by professionals. For a flat monthly fee, you are investing in business continuity, avoidance of problems, less risk of virus, and recoverability in the event of a virus, fire, flood, power surge, or just a dead drive.

A few small changes today can help you avoid big problems tomorrow.

Further reading:

Need help in Toronto? Since 2003, TUCU Managed IT Services Inc has been offering SMB IT security services, including outsourced server support and total IT management services.

Schedule your consult call. We will review your current setup and give you options to protect your business and avoid big problems.