You may remember that the Colorado Department of Transportation was attacked by ransomware twice – one of which was successful – earlier this year. The successful attack sent 2,000 employees back to using paper and pencil for over a week. What many don’t know is that small businesses are just as big of a target for ransomware hackers. In fact, the FBI reported in 2016 that ransomware infected an estimated 100,000 computers a day, regardless of business or personal usage. That number has only increased.

It’s just a matter of time until a hacker tests your business’ cybersecurity defenses. Learn how ransomware attacks happen by reading our recent blog post, “Ransomware Targets Businesses of All Sizes.”

Here are best practices that our experienced team of IT experts has developed on things to do – and don’t do – to protect your business or help it quickly recover from a successful ransomware attack.

Ransomware: The Don’ts

  • Don’t set easy-to-decrypt passwords. This is always mentioned because it continues to be a huge security risk.
  • Don’t give all employees access to all files. They should only be able to access the files they need to do their jobs.
  • Don’t save only one copy of your data. If your data is encrypted, you need a backed-up copy to restore it.
  • Don’t keep all your data in the same place. If you have two copies but save them in the same place, they’ll both be encrypted.
  • Don’t overlook web and email filtering solutions.

Ransomware: The Dos

Ransomware is inexpensive and takes little effort to deploy for hackers. Recovering from a successful ransomware attack, however, is expensive, takes a lot of time to remediate and can be massively disruptive to a targeted business. But, some business owners still forego cybersecurity solutions that could protect them because of cost.

Remember: the ROI on the time and money spent deploying these solutions is quantified by your business never suffering a successful ransomware attack which can cost hundreds of thousands of dollars. Work with your managed services provider to implement cybersecurity enhancements.

Here are some protections you can put into place and best practices you can use to defend against ransomware attacks.

If you’ve been successfully attacked and your files are encrypted:

  • Unplug the infected computer(s) from the network and turn it off. This prevents it from infecting other workstations or your backups.
  • Call your managed services provider for help recovering your systems from back-ups, deploying your disaster recovery plan and beginning forensics on your systems.
  • Confer with legal counsel.
  • Notify law enforcement (local police and the FBI).
  • Follow your managed services provider’s recommendations for preventing another successful attack.

If you haven’t become a victim yet:

  • Develop comprehensive back-up and disaster response plans. Make sure your employees know what to do and who to call to get the organization back up and running as soon as possible.
  • Deploy a redundant, hybrid backup storage solution – storing your data both on-site and in the cloud. If one becomes encrypted by ransomware, you can restore the data with the other.
  • Conduct annual cybersecurity awareness trainings with your employees. It is key to train employees on how to spot phishing attempts and other forms of cyberattacks and how to protect themselves and the company against them.
  • Refrain from clicking on suspicious links or downloading files from senders from whom are you aren’t expecting attachments. These are the most common ways companies become infected with ransomware.
  • Ensure you’ve partnered with a security-focused managed services IT provider

Simpleworks is Colorado Springs’ leading managed services IT provider. Our experienced solutions team works with business owners who need customized cybersecurity and back-up and disaster recovery services based on their needs and budget. Give us a call or email us today to find out more about our managed service packages and how we can help you simplify your IT.

Ransomware has been all over the news recently. If a company as large as Equifax can fall victim to a ransomware attack, you can be sure small businesses are at risk. No organization – no matter its size – is immune to attack.

Why Would I Be a Target?

Many business owners mistakenly think their companies are too small to be a target for hackers. In fact, smaller businesses with little-to-no internal IT staff are likely a much greater risk as they often can’t afford or don’t know about information security solutions, best practices and protocols used by larger companies. Hackers target small businesses for just this reason.

Ransomware hackers aren’t so much interested in your information as they are in getting paid. That’s why the average ransom is usually below $2,000. They depend on companies without the adequate resources to defend or recover from a ransomware attack to pay to decrypt their files.

Ransomware Attacks: What Happens?

Ransomware attacks often are successful because an employee clicks a link or downloads a file in a legitimate-looking email that then immediately begins encrypting all your files. For example, human resources may receive a phishing email titled “Resume” with an infected attachment. After downloading and opening the document, the hidden ransomware will begin encrypting files, and a message will usually pop up demanding a ransom be paid in Bitcoin to receive a decryption key from the hacker. Considering that most hackers aren’t ethical, there’s always the possibility that they may not provide you with a key to decrypt your files after you’ve paid the ransom – causing you to lose access to all your data.

Ransomware Attacks: What Should I Do?

If you fall victim to a ransomware attack, you should immediately disconnect your workstation from the network and shut it down to prevent other workstations and your backups from becoming infected and encrypted as well.

If you’ve partnered with a security-conscious managed services provider (MSP), you should call them so they can begin to perform forensics on your systems. They will look for the source of the attack and the vulnerabilities the hackers were able to take advantage of to access your network and files.

If you have working backups that aren’t encrypted, you can easily restore your systems to a state prior to the attack. If you don’t have backups and your information isn’t decrypted, you may have lost your information forever or be forced to recreate it.

You should continue to work with your MSP to implement additional cybersecurity solutions, conduct cybersecurity awareness training for your employees and consistently use information security best practices.

Finally, you should report the incident to the police and the FBI’s Internet Crime Complaint Center.

How Can I Prevent Becoming a Victim?

We believe in a layered approach to security. You can’t just have antivirus software. You also need advanced endpoint security, consistent system patching and so much more. Plus, you need working backups to restore your data if all else fails.

Cybersecurity awareness training is also key to maintaining a secure organization. Your employees need to be able to identify possible risks and avoid them. Your employees are often your best defense – and your weakest link.

Outsourcing your information technology to a managed services provider like Simpleworks IT can take much of the cybersecurity worry off your hands. Improve your ability to defend against cyberattacks by working with an MSP with experience and expertise in cyber security including back-up and disaster recovery, cloud solutions and more.

With expertise in back-up and disaster recovery, Simpleworks IT can help defend your business against cybersecurity threats and IT challenges. Find out why we’re Colorado Springs’ leading managed IT provider. Contact us at 719-476-0444.

Most business owners wouldn’t imagine operating without an insurance policy to cover break-ins, accidents, fires, and other unforeseeable disasters. But many businesses fail to appreciate the need to insure their precious online property—their data.

A catastrophic loss of data can not only disrupt normal business operations; it can actually have an adverse effect on your bottom line, customer service, and reputation. Even if you have solid IT infrastructure and services in place, data loss can happen for any number of reasons. You need a disaster recovery plan in place in case of an emergency. Simpleworks can help.

Colorado Springs Data Disaster Recovery Solutions

With BDR backups, Simpleworks offers a comprehensive disaster recovery service. Here are some of the features:

  • Hybrid cloud backups. The physical BDR device will back up your data automatically as frequently as every 5 minutes and can be easily retrieved. In addition to the physical copy, your data can be backed up off-site on a secured BDR server. This level of redundancy issues that none of your data will ever be permanently lost.
  • Instant virtualization. Your backup data can be virtualized almost instantaneously from either the physical device or the cloud to replicate the failing server. This will keep your business operating while the problem is addressed.
  • Backup Insights.  This service allows us to locate and retrieve deleted files that occur between backups. This kind of retrieval can be invaluable for small scale data loss from misclicks or carelessness.

BDR backup services are also encrypted and comply with current HIPPA standards.

Colorado Springs Data Recovery

At Simpleworks, we have heard a lot of horror stories about catastrophic data loss. As Colorado Springs’ leading IT support and disaster recovery solution, we utilize BDR backups to ensure the safety of our customers’ vital data. This disaster recovery plan provides the protection and redundancy that your business needs.

Don’t put your business at risk. Insure your data with BDR backups from Simpleworks today.

Nearly every business today relies heavily on information technology. Computers, Internet service, servers, phone systems, email, data storage, and calendars are all necessary for most businesses, large or small. We generally don’t realize how much we rely on our IT, in fact, until something goes wrong. But a disruption to any IT system can mean a serious hit to productivity, and even lost profits. Unfortunately, no matter how many precautions are put into place, IT systems will malfunction from time to time. These disruptions strike without warning at any time, day or night.

Simpleworks understands how vital it is that companies stay up and running, which is why we offer a 24/7 IT support service. Whether you have a system-wide crash on a large network or trouble with an individual computer, we have an IT specialist standing by to assist.

Superior 24/7 IT Support

Simpleworks offers a wide range of troubleshooting and repair services 24 hours a day. We have expertise with both Macs and Windows-based PCs, hardware and software issues, as well as connectivity and communications problems.

Beyond their expertise, our Colorado Springs computer support team is efficient, friendly, and professional. We understand how vital it is to keep our clients’ IT systems fully functional, so we tackle every problem as if it was our own—promptly and efficiently. This dedication to the needs of our customers is why we are the most trusted IT support company in Colorado Springs.

How Our 24/7 IT Support Service Works

All you need to do is submit a ticket to our 24/7 computer support team at support@simpleworksit.com or through our automated phone system. You will then receive a response within one hour. Our technician will diagnose the problem and may be able to assist remotely. If not, we will come to you. If you are a larger company, you may want to set up a contract with us that includes 24/7 computer support. If not, we offer an hourly rate to cover your specific emergency.

Don’t Let Your IT Down!

Don’t spin your wheels trying to troubleshoot a problem yourself or let your IT problems lead to a loss of productivity or profits. Give the pros at Simpleworks a call today so we can get your back up and running!