Step Ahead - Step Ahead Business Continuity

Business Continuity
Planning and Management


Cloud enabled
Appliance driven (virtual/physical)
Controls based

Ransomware Protection

Most ransomware uses the AES algorithm to encrypt fles, though some use alternative algorithms. To decrypt fles, cyber extortionists typically request payment in the form of Bitcoins or online payment voucher services, such as Ukash or Paysafecard.

The standard rate is about $500, though we’ve seen much higher. Cyber criminals behind ransomware campaigns typically focus their attacks in wealthy countries and cities where people and businesses can afford to pay the ransom. In recent months, we’ve seen repeated attacks on specific verticals, most notably in the local government sector.

How Step Ahead provides Ransomware Protection?

Step Ahead will help the customer build a cyber security policy if one is not already in place. The following steps will be advised and implement by Step Ahead for its customers.

Step Ahead - Cyber Security Awareness & Training

Awareness & Training

(NIST 800-53 controls AT-2, AT-3)

Step Ahead - Cyber Security Monitoring

Access control & Antivirus

(NIST 800-53 controls AC-2, AC-3, AC-5, AC-6)

Step Ahead - Cyber Security Remediation

Backups

(NIST 800-53 controls CP-9, CP-10)

Step Ahead Ransomware protection

How Ransomware Protection Works?

Step Ahead will take snapshot-based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll-back your data to a point-in-time before the corruption occurred. When it comes to ransomware, the benefit of this is twofold.

Firstly, you don’t need to pay the ransom to get your data back. Secondly, since you are restoring your data to a point-in-time before the ransomware infected your systems, you can be certain everything is clean and the malware cannot be triggered again.

Step Ahead’s data protection allows users to run applications from image-based backups of virtual machines. This capability is commonly referred to as “recovery-in-place” or “instant recovery.” This technology can be useful for recovering from a ransomware attack, because it allows you to continue operations while your primary systems are being restored with little to no downtime.

Timeline Visual

timeline

Why Business Continuity is important?

SaaS applications such as Google’s G Suite and Microsoft Office 365 are easy to use, highly scalable, and are relatively inexpensive. However, SaaS apps don’t deploy and manage themselves. Additionally, SaaS applications require data protection for business and compliance, just like any other mission-critical app.

Why Customers Need SaaS Backup?

SaaS users commonly believe that backup isn’t necessary for their data because it exists in the cloud. However, this is untrue. SaaS applications are just as vulnerable to data loss as on-premise apps. Why? Because the #1 cause of data loss is human error. People delete data, open phishing emails, accidentally download malware, and more. SaaS vendors are unable to distinguish if certain user actions are done in error or deliberately. Most of a company’s intellectual property are flowing through Google Gsuite Gmail and Outlook and data breaches occur due to human error which include the following:-

Malicious deletion by a disgruntled employee or outside entity

Malware damage or ransomware attacks

Unintended actions on phishing email attacks

Operational errors such as accidental data overwrites

Lost data due to canceled app licenses

Without a business continuity policy in force, you are bound to suffer the consequences

SaaS apps provide limited protection against accidental data loss scenarios, and sometimes even less so when it comes to ransomware attacks or malicious end user activity. This is because many vendors operate under the “Shared Responsibility Model” – they only claim responsibility for areas that they have complete control over. Microsoft and Google must maintain the availability of their applications and protect their servers from disaster scenarios, but the end user is responsible for creating the data within their applications. Step Ahead provides the buffer against data loss between SaaS providers and end customers.

bcp_consequences

Cybersecurity And Small Businesses

  • According to the FBI’s 2017 Internet Crime Report, Internet Crime Complaint Center, or IC3, received 1,783 complaints identified as ransomware, resulting in losses of over $2.3 million
  • In 2017 – 61% of cyber-attacks were against small businesses (SB) with less than 250 workers
  • 62% of all cyber-attacks target small and medium businesses (SMB)
  • Many small businesses don’t have cyber security policy, anti-phishing email measures, data encryption or off-site backups
  • Ransomware increased by 36% in 2017; over 4000 attacks occur each day according to the FBI.
  • It takes most small businesses 197 days to realize they have an attacker in their network.
  • 78% of people in a recent survey know it’s bad to click on a link or attachment in an email of unknown origin, but do it anyway