Ransomware can strike data no matter where it resides. On employee devices, company servers, and in cloud storage and SaaS (Software as a Service) platforms.
While remote worker endpoints may be the most popular attack vector for ransomware, cloud infrastructure is the second most popular. The third most popular is also in the cloud.
Top 5 ransomware attack vectors by popularity:
- Remote worker endpoint: 36%
- Cloud infrastructure/platform: 35%
- Cloud app (SaaS): 32%
- Trusted third-party: 25%
- DNS: 25%
With more and more company data and operational activities moved to the cloud, it’s becoming a larger target for hackers and one that’s more dangerous for cybersecurity. Just one ransomware infection in a cloud platform can bring operations to a screeching halt.
Between 2020 and 2021, the cost to remediate a ransomware attack more than doubled to $1.85 million.
Avoid becoming a victim of cloud-based ransomware by adopting some best practices to protect your cloud data.
1. Enable Ransomware Protection in Cloud Platforms
One of the new trends in cloud storage is the addition of more security to fight ransomware. This type of malware has been running rampant and increasing each year for the last several years. This has cloud providers offering more protection directly designed to fight this type of attack.
Look for any ransomware prevention settings in your cloud platforms that you may not know are there. These often will not be enabled by default. It’s up to the user to turn them on and configure them properly.
2. Keep Cloud Data Backed Up in a Separate Place
Are you backing up your SaaS data in a separate backup system? If not, you should be. If your cloud environment is infected with ransomware, then you need to have a clean copy of all your files so they can be restored after the ransomware is removed.
If you’re not sure how to do this, you can come to Connect2Geek. We can recommend a backup and recovery system designed to back up cloud platforms.
3. Enable Multi-Factor Authentication for All Accounts
Ransomware can more easily be released when an attacker breaches a user account. They can then simply upload a malicious file and let it spread.
You should be protecting access to your cloud tools by enabling multi-factor authentication for all your users in all cloud solutions. This removes one important vulnerability that attackers often exploit to breach company cloud accounts.
Credential theft is now the #1 cause of data breaches globally.
4. Use Persistent File Protection Policies
The better you can protect your files, the less risk you have of them being encrypted and made unreadable by ransomware.
Use persistent file security policies that can restrict things like deletion, sharing, and downloading. One such capability is sensitivity labels found in Microsoft 365. Once files are protected with a set of security policies, those policies stay with the file as it travels throughout the platform in different apps.
5. Use a Single Dedicated Admin Account for Cloud Solutions
Hackers love to breach administrative accounts because they will have more permissions and can access more data than if they could only log in at the general user level.
You should have as few accounts with these higher-level privileges as possible to mitigate your risk. One best practice is to reduce your admin accounts per platform to just one.
The dedicated admin account is not used on a regular basis but instead is only used for administrative purposes. It is shared by anyone that needs to perform these admin duties, and once they’re finished, they log out and back into their non-privileged user account.
Platforms like Microsoft 365 allow you to use a dedicated admin account without paying for an additional user because of the increase in security when using this method.
6. Monitor and Track Cloud Access & File Changes
It’s important to have alerts for any strange file activities that might happen in your cloud platform, such as multiple files being changed within seconds of each other. However, you can’t do this unless you have monitoring and tracking in place.
You should use tools that can monitor logins and when files are accessed. All file changes should also be tracked and logged. This type of system will allow you to react swiftly should there be any unusual file activities.
7. Have Your Cloud Settings Configured Professionally
It’s estimated that approximately 44% of cloud privileges are misconfigured. Misconfiguration of user and cloud security settings is a leading cause of cloud data breaches and malware infections, such as ransomware.
There are multiple security controls in many cloud platforms. When used right, they can provide a lot of important safeguards for your account and data. But most businesses need to have these professionally configured to ensure they’re not leaving their cloud environments vulnerable.
Set Up a Cloud Security Review Today!
Connect2Geek can provide a cloud security review for your Treasure Valley area business and help you address any potential vulnerabilities.
Schedule your free consultation to learn more today! Call 208-468-4323 or reach out online.