How I make sure my business does not get hit by ransomware and scammers

When it comes to my business, I don't take security lightly. My studios are protected by a security system, employees use badges and only have access to certain areas, and the parking lot is gated so we know who comes and goes.

All of those things help to keep the property safe. However, there are more aspects of my business that need protection, things I consider to be more valuable than mere pieces of equipment.

I'm talking about all of the data on my network. Everything that's stored on my servers. My archives of reports, contracts, financial records, etc. If I were to lose them, it would be detrimental.

Last December, I received an alarming email from my Director of IT warning my entire staff about a phishing scam that had been aimed at my studios. The scammers behind this email went to great lengths to convince my employees to click on something they shouldn't. The message appeared to come from my husband, Barry, and even included details that were relevant to our daily business operations.

Fortunately, the scam was identified before it caused problems. But this wasn't the first time something like this has happened. Malicious emails are sent to my company on a daily basis. Thankfully, most of these are weeded out by spam filters, but every now and then some slip through with malicious attachments, some of them even carrying ransomware.

What is ransomware?

If you're unfamiliar with ransomware and what it does, you should know that this is not your average malware infection. When a device is infected with this particular type of malware, it's going to cost you big time.

Once the user's computer, laptop, smartphone or tablet is infected, they basically have only two options: Pay the ransom to receive the decryption code, or lose access to everything stored on their hard drive.

Ransom fees aren't cheap either. The average attack costs the individual victim somewhere between $290 and $679. For businesses, that number can be much higher. Early last year, the Hollywood Presbyterian Medical Center made headlines for handing over $17,000 to ransomware crooks in order to regain access to their network and important records.

Last year alone, cybercriminals were able to earn $1B by spreading ransomware. If you're a business owner, and you don't find this number shocking, there's a good chance you're not taking the threat of ransomware seriously. It's not a matter of if your small business will be hit, it's a matter of when.

Protecting your business against ransomware

Many people make the mistake of assuming they're safe if they have a firewall and use antivirus software. While those are important steps, they're not enough to protect your business anymore. If you really want to have peace of mind, you need to take some extra precautions. Here's something I do to protect my business from ransomware and other cyberthreats out there.

Safeguard your financial records

After years in business, one thing I've learned is that certain positions require more protection than others. One of these areas is accounting, which requires access to the company's financial records.

This is why the accounting director at my studios has two separate computers she uses. Each of these computers serves a unique purpose.

The key difference between these computers is that one of them is hooked up to a separate VLAN, or Virtual Local Area Network, and can only be used for online banking and to access the company's financial records. That means no Facebook, no Twitter, no email, etc.

The other computer is used for emails, the internet, and other daily tasks her job requires.

The data on these two computers will never cross paths because they are segregated and even require separate passwords and logins.

Why do I do this?

After six years with the company, my accounting director has grown used to jumping between these two computers to complete her daily tasks. However, she may not understand the true reason behind it, and why it's so important.

The truth is, email scams are skyrocketing. I tell you about these scams every day in the Happening Now section of my site as news of another victim surfaces. Many of these scams trick people into clicking on malicious links and attachments, infecting an entire device or network with malware. Without this system in place, all it would take is one accidental click, and I could lose access to all of my company's financial records.

Imagine what would happen then. If my company was hit by a phishing scam or ransomware attack that cost me $250,000, I'd never recover that money. The bank wouldn't view it as fraud. Not when it could have been easily prevented by taking precautions. This is why every business owner needs to follow my advice and use this trick to protect their financial data too.

Setting up a private VLAN

Segregating sensitive office computers from equipment that is public-facing will minimize damage if your office ever gets hit with malware.

If you have a home business and you don't have the budget for additional hardware, there's a simple trick you can do with most consumer-grade routers: turn on the Guest Network.

Turning this on will create two distinct networks. Use one of these networks for your sensitive financial records and software. Use the main network for your regular business operations, and if you have any public-facing computers and appliances, put them on a guest network. To prevent infections from spreading through your business, you'll also need a strong firewall, spam filter, and antivirus software.

However, this is just a basic setup. The system I use at my studios is much more complex. To set up something similar for your own business, you're going to need help from an IT professional. And, you're going to need a network appliance that can handle VLANs. Equipment like this is enterprise grade, but it's worth the investment.
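Once the networks are split, it's worth checking that the split actually holds. The following is an added example, not something from my studios' setup: a small Python check that reads connection records and flags anything that breaks the rules described above. The subnets, the server and bank addresses, the guest-to-office rule and the `src,dst,dport` log format are all constructed assumptions.

```python
import ipaddress

# Constructed addressing plan; the article names no subnets or hosts.
SEGMENTS = {
    "finance": ipaddress.ip_network("10.0.10.0/24"),
    "office": ipaddress.ip_network("10.0.20.0/24"),
    "guest": ipaddress.ip_network("10.0.30.0/24"),
}
# The only destinations the finance PC needs: records server and the bank.
FINANCE_ALLOWED = {
    (ipaddress.ip_address("10.0.10.5"), 445),     # records file server (assumed)
    (ipaddress.ip_address("203.0.113.10"), 443),  # placeholder bank address
}

def segment_of(ip):
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "internet"

def check_flow(src, dst, dport):
    """Return None when a flow fits the policy, else the reason it does not."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    s, d = segment_of(src), segment_of(dst)
    if s == "finance":
        if (dst, dport) in FINANCE_ALLOWED:
            return None
        return f"finance host {src} reached non-allowlisted {dst}:{dport}"
    if d == "finance":
        return f"{s} host {src} crossed into finance segment at {dst}:{dport}"
    if s == "guest" and d == "office":
        return f"guest host {src} reached office host {dst}:{dport}"
    return None

def audit(log_text):
    """Check 'src,dst,dport' lines and return the list of violations."""
    rows = (line.split(",") for line in log_text.split())
    reasons = (check_flow(s, d, int(p)) for s, d, p in rows)
    return [r for r in reasons if r]

# Constructed flow records, as a router or firewall might export them.
SAMPLE_LOG = """
10.0.10.21,203.0.113.10,443
10.0.10.21,198.51.100.7,25
10.0.20.14,10.0.10.5,445
10.0.20.14,198.51.100.80,443
10.0.30.9,10.0.20.14,3389
"""
```

Running `audit(SAMPLE_LOG)` flags the finance computer sending mail, the office computer reaching the records server, and the guest device connecting to an office machine.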

Have a backup plan

Even after taking those steps, there's still one important thing you need to do if you want peace of mind. All of your sensitive data can be backed up automatically. And, if you're targeted, everything you've backed up can be easily recovered. It's as simple as signing up for the IDrive backup service.

IDrive's Universal Backup covers all of the operating systems including Windows, Mac OS, iOS, Android and Windows Mobile. Plus, you can take advantage of the social media backup tool, and create a safe archive for the posts, photos and videos you've shared on platforms like Instagram and Facebook.

IDrive is a sponsor of my show and Komando.com, but what you might not know is that I've made the switch and use it personally.

Plans start at just $5.95 per month for 1TB of storage, which is less than your morning cup of coffee! And as a listener of my show, you can save even more! Click here to save 50 percent on 1 TB of cloud backup storage!
