School Districts for Ransom#Data
by Casey ThompsonRead time:
Ransomware – it’s malicious alright.
Threatening destruction and demanding a sum of money isn’t a new tactic, but ransomware is one foe you can expect to become more prevalent and more sophisticated. Prevention is the name of the game when it comes to fighting this threat. You know the drill – back up your data, train your staff, run your updates.
But the devil is in the details – backups are crucial, but how often is often enough? What kind of staff training can reduce risk? And what’s the role of cloud storage in your security strategy? Find out how you can put up a smarter fight against the threat of ransomware.
Back It UpNot all backups are created equal. If you back up your systems just once a week, or even every other day, you could be leaving days of data unprotected – and in a school system, a lot can happen in that amount of time. Say your system does perform hourly or nightly backups, but all the data is stored on the same network. When that network becomes the unfortunate target of a ransomware attack, your primary data and your backup are both in jeopardy.
Abiding by the mantra “early and often” helps ensure your backups actually help protect you in case of a ransomware attack. So how early? Yesterday is ideal, but today comes in at a close second. And how often is often enough? Nightly backups are fairly standard, but it’s important to consider the consequences of losing different types of data.
It might be time to revisit Peter Krogh’s 3-2-1 rule and plug any holes in your backup plan. You’ll want at least 3 copies of your data stored on 2 different types of storage, with at least 1 copy stored offsite. Some information matters more, so build a safety net for that data first.
Pro tip: Some backup solutions labelled as “continuous” might actually use periodic snapshots, so you could still lose some data. Take care not to “set it and forget it,” either. We’ve seen districts that thought they were running nightly backups, only to find out after a ransomware attack hit that the process wasn’t working as intended. If you’re storing data on premise, make sure your restoration process is well documented and accessible to anyone who might need it.
We all want to do what’s most convenient. If your staff isn’t constantly reminded of the reasons for security practices like complex password requirements and mandatory updates (you know, the foundational security practices you’ve been preaching for years), these requirements might start to seem tedious.
You can help your staff bend toward their better natures by sharing how your security recommendations and requirements contribute to a more ransomware-proof network. When someone understands how delaying updates, clicking on suspicious emails, or leaving their workstation unlocked can leave the whole district vulnerable, they’ll be more likely to adopt some new habits.
What kinds of training reduce risk? Despite its prevalence, we all know that one-and-done, sit-and-get instruction doesn’t do much for employees. Continuous, interactive training – think simulated phishing attacks, periodic malware quizzes, and illustrations of technical security topics – get the best mileage. Armed with a set of security best standards and some basic training, your staff can become a stronger front line in the battle against malware.
Pro tip: Reducing your malware risk probably isn’t a main reason to strive for a culture of open communication – but it’s not a bad side effect. We’ve spoken to district tech leaders who have prevented the spread of malware through simple word-of-mouth and strong internal follow up. A simple “hey, don’t click on that” message can prevent a lot of headaches.
The threat of ransomware becomes less onerous when you know you can count on your storage solutions. The growing percentage of districts putting their confidence in secure cloud solutions is a testament to how labor intensive the push for security has become. Better backups, easier updates, and the peace of mind that comes from knowing the possibility of failure at a local level has been eliminated are just a few reasons moving your district’s software services to the cloud might be a smart move.
Whether you’d like to take hardware upgrades off your to-do list for good, stress less about updates, or reduce downtime in case ransomware does strike, it might be a good time to reexamine your hosting and storage setup. You’ll sleep better knowing you have safeguards like daily offsite backups, infrastructure monitoring, and geographically diverse data centers in place.
Since cloud computing is here to stay, it’s worth exploring how it would impact your security, staffing, and budget. If it has been years since you last considered external hosting, you might find that the cloud looks quite a bit more secure these days.
Pro tip: Don’t take every cloud provider at face value. Your secure cloud provider should, at a minimum, provide infrastructure monitoring, dual-redundant firewalls, hands-off updates, and antivirus protection. Demand no less than an annual SSAE SOC 1 or SOC 2 audit to ensure continued compliance and alignment with up-to-date security practices.
The fight against the ransomware threat requires bridging the gap between those who spend their days immersed in security topics and those for whom security issues are mere headlines. As an IT leader, there’s a lot you can do ahead of time to mitigate risk, but your staff will always be your front line in the ransomware fight.
Brush up on 3 more privacy and security threats with "Security Drill: 3 Threats to Watch For."
|Casey Thompson Digital & Social Media Manager