Ransomware is a type of malicious software that blocks access to computer systems and then requires an anonymous payment to the hackers for return of the data. A ransomware attack is typically delivered via a phishing email. Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 14 seconds by the end of 2019 and every 11 seconds by 2021, incurring global ransomware damage costs as high as $20 billion by 2021.
In addition to providing services to clients, a firm’s top priority must be keeping its IT infrastructure and client data safe from any cybersecurity threats, including ransomware. Ransomware isn’t going away anytime soon – if anything, these types of malware will continue to become more dangerous. Here are six things firms can do now to better protect client data:
1. Build and test a disaster recovery plan. Perform a security audit to test and identify vulnerabilities in your organization’s IT infrastructure. Close the gaps to ensure that your information assets are fully protected. Conduct monthly disaster recovery plan drills to ensure quick response times.
A disaster recovery plan can help your firm get systems back up and running after a cybersecurity attack. A business continuity plan enables staff to remain productive while cybersecurity issues are being resolved.
2. Use secure methods of document sharing. How does your firm exchange important financial documents with clients? Do clients send earnings statements and tax documents by regular mail or as email attachments? The insecure nature of mail makes it relatively easy for others to intercept, monitor or tamper with critical information. Instead, use a secure client portal to reduce the risk of data breaches. Accountants and clients can log in on a portal to upload, share and view documents, files and messages in a highly secure, encrypted environment.
3. Implement multiple backup protection. When ransomware infects an organization’s IT infrastructure, it can restrict access to critical information stored within the computer system. Effective backup of firm data will enable restoration of all files, documents and data right up to the time of a ransomware infection or other breach.
Best practice is to have data stored on multiple servers with multiple backup solutions in place, secured with the latest and most advanced technology, to make sure no one can access or delete stored data. Backups should be on a separate network, completely isolated from your main network and oﬀ-site.
4. Increase levels of security. Hackers tend to focus on systems that are easy to access. So the more levels of security they encounter, the more likely they will move on to avoid wasting time and effort. By implementing network wide security solutions, such as anti-virus, web filtering, firewalls and password protection, your hardware and employee devices will have the same level of security.
Additionally, data should never be protected by a single password, no matter how creative or complex that single password may be. With this in mind, you should consider implementing multifactor authentication. It requires two or more forms of authentication in order to access critical data and applications hosted in the cloud. New AI-based technology solutions can analyze and model network behavior, improving threat detection to better protect firm and client data from cyberthreats.
5. Educate staﬀ and clients. Anyone who has access to network files and data, has individualized passwords to log in on business applications or uses any type of device to get to the cloud must be trained to identify potential threats. To spearhead education, think about developing and implementing cybersecurity training courses to educate your staff on the different types of ransomware threats as well as teach them easy tips to avoid attacks, such as exercising caution with suspicious emails or losing mobile devices. Send weekly reminders to your staﬀ on security best practices (e.g., don’t click on links or attachments from unknown senders).
6. Monitor activity. Smaller businesses tend to fall victim to ransomware attacks because they do not monitor ongoing activity. Network monitoring tools can provide visibility into existing weak entry points that have allowed past breaches to occur and using that information to avoid possible future breaches. Track activity by creating a log of past security events and input the data into a security information and event management (SIEM) system. This system will offer a holistic view of your entire organization’s security.
A final recommendation is to assemble and rely on a strong security team. Enlist the assistance of technology service providers. Hosting partners and accounting firm document management professionals understand the cybersecurity environment and have experience in implementing the solutions outlined here. The use of both preventive and predictive security practices will allow your firm to mitigate the risk of ransomware and better secure client data.Last modified on Thursday, 12 December 2019