5 Strategies MSPs Can Use To Protect Their Clients from Ransomware


Teresa Zwierzchowski

Ransomware has become so insidious, so advanced, that seemingly no one is safe. The latest high-profile attack targeted the PGA of America—the organization that hosts the Ryder Cup and other popular golf tournaments, as well as oversees the golf pros who work at courses around the country. The bad guys demanded bitcoin to unlock the PGA’s files.

Why would the hackers go after the PGA of America (which, it should be noted, isn’t the PGA Tour) when financial and healthcare organizations are seemingly more lucrative victims? Perhaps because smaller, less obvious targets are easier to infiltrate and more likely to pay the ransom. Their IT departments might not have the resources other businesses do, and instead may rely on managed service providers (MSPs) to provide the cybersecurity they can’t.

As an MSP, you therefore can’t disappoint. Ransomware is a serious problem, because of the shock of being locked out of files and systems and the costly downtime that occurs. When your client experiences a ransomware attack, they will look to you to solve the problem. Your expertise will be needed, and your reputation will be on the line.

That said, MSPs can be organizations’ best allies in the fight against ransomware. Here are five strategies that will help protect your clients:

1. Offer Training

An IBM report confirmed what most MSPs are painfully aware of: Human error is a major reason for successful cyberattacks. The IBM X-Force Threat Intelligence Index 2018 found that two-thirds of data breaches were the result of “inadvertent insiders.” Often, these insiders don’t belong to the MSP, but rather, they are client employees who open emails, download attachments, or click on links that shouldn’t be opened, downloaded, or clicked. This scenario is especially frustrating for MSPs because one careless user can let ransomware in and create havoc for your team.

Although you can’t completely eliminate inadvertent/what-were-you-thinking mistakes, offering training on email and web security best practices to your customers’ employees is a great strategy for reducing risk. Such training can teach users to spot suspicious digital content and to securely and intelligently use mobile devices for work functions. Moreover, offering training tells your customers that you are committed to their best IT interests.

2. Utilize Smart Software

The software you choose to protect clients against ransomware is critical. The solution must do a good job of:

- Preventing malicious emails from reaching inboxes
- Filtering web usage to stop ransomware from self-installing
- Detecting and neutralizing ransomware already lurking in a client’s systems

This is a tall order for sure, but software is available that handles all of this and offers additional protection from viruses, phishing attacks, and other threats, locally and on mobile devices. The best solutions offer additional layers of security to ensure your clients are getting maximum protection against today’s perilous threat environment.

3. Back Up, Back Up, Back Up ...

Successful ransomware attacks leave businesses with few options—the least palatable of which is paying the ransom and getting their systems back. However, there’s no guarantee that once an organization shells out bitcoin or whatever currency is being demanded, its files will be unencrypted. Moreover, even if an “ethical” cybercriminal unlocks the victim’s systems, data can be damaged or lost—which is akin to someone paying to get their car out of impound and discovering a few tires are missing.

The best defense against a successful ransomware strike is a thorough backup strategy, so your clients can restore their files and applications to a point before the attack was initiated. When data is constantly backed up, either on premises, off-site, or in the cloud (or some combination thereof), businesses don’t skip a beat and aren’t giving in to the bad guys—results that save your client money. After data is restored, security software can determine how the ransomware struck so that the threat can be neutralized.

4. Stay Ahead of the Curve

WannaCry, Petya, NotPetya, Bad Rabbit, and Reveton are some of the big ransomware names to strike businesses over the past couple of years. Eventually, new ransomware will replace those malicious applications, and MSPs, IT departments, and cybersecurity experts will scramble to repel the new threats.

Amid this constant struggle is the need to keep system applications and antimalware and antivirus solutions continually updated. The bad guys inevitably will come up with new ways to infiltrate businesses’ systems, but you must ensure all the old threats are sufficiently countered. Staying current on the latest ransomware developments is crucial; some third-party anti-ransomware providers even offer customized threat intelligence so customers know what new dangers are lurking.

5. Plan for the Bad; Prepare for the Worst

Ransomware is so prevalent and ever-evolving that something still might escape detection by the most diligent organizations and competent MSPs. By following best practices and using top-notch cybersecurity software, you can more easily remove any discovered ransomware and determine how it infected your clients’ systems. Share with your clients the exact steps you will take if a ransomware attack occurs. Cement a plan for restoring their systems, whether by neutralizing the ransomware or retrieving data from backup services, so that if the worst-case scenario does occur, disruption of operations will be minimal.

A 2016 report by Datto estimated that small and mid-sized businesses hammered by ransomware lose $8,500 an hour due to downtime. This cost places a fair amount of pressure on MSPs to protect clients’ data and profits. With a strong ransomware strategy, both you and your clients can feel more secure.